PDA

View Full Version : Pop up on left of screen and some sites 3 on the bottom of screen


lonchpad
2014-10-05, 04:44
I picked up something, I dont know what it is.

Using Mozella,
just scanned and removed with SPYBOT, no improvements.

when I put my curser in this subject box another full web screen pops up but in the background.



When I open any web page there is this popup on the left of screen " T neurowise " with free spyware removal...11813

Seems as the pop up on the left had ads for whatever venue of page you opened.

When I open some web sites in addition to the popup on the left of screen I get 3 pop ups on the bottom of the screen.11814

WIN 8.1 64bit


Any thoughts on how I should proceed?

don't have allot of time to devote to this.

Thanks
MB

----------------------------------------------
Edit

Forum FAQ:
http://forums.spybot.info/showthread.php?288-quot-BEFORE-You-POST-quot-%28Please-read-this-Procedure-Before-Requesting-Assistance%29-Updated
OCD
2014-10-05, 05:05
Hi lonchpad,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.


don't have allot of time to devote to this.
Malware removal is not a speedy process, but I will make every attempt to get this resolved as quickly as possible.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) aswMBR

Download aswMBR.exe (http://public.avast.com/~gmerek/aswMBR.exe) and save it to your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When asked if you want to download Avast's virus definitions please select Yes.
Click Scan
Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Save it to your desktop, do not post.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:

checkup.txt
aswMBR.txt
FRST.txt
Addition.txt
lonchpad
2014-10-05, 18:01
Results of screen317's Security Check version 0.99.88
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Spybot - Search and Destroy
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox (32.0.3)
Google Chrome 37.0.2062.120
Google Chrome 37.0.2062.124
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Mark AppData Roaming uTorrent\VirusGuard\BitTorrentAntivirus.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````





aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-10-05 21:11:31
-----------------------------
21:11:31.780 OS Version: Windows x64 6.2.9200
21:11:31.780 Number of processors: 8 586 0x3A09
21:11:31.781 ComputerName: MBASUS31DEC2103 UserName: Mark
21:11:32.188 Initialize success
21:11:32.201 VM: initialized successfully
21:11:32.204 VM: Intel CPU supported
21:11:54.736 VM: disk I/O iaStorA.sys
21:14:31.313 AVAST engine defs: 14100500
22:50:23.544 The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"






Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-10-2014 01
Ran by Mark (administrator) on MBASUS31DEC2103 on 05-10-2014 22:53:25
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Just Develop It) C:\Program Files (x86)\JustCloud\BackupStack.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(JustCloud.com) C:\Program Files (x86)\JustCloud\JustCloud.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(BitTorrent Inc.) C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Users\Mark\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Program Files (x86)\neurowise\bin\utilneurowise.exe
() C:\Program Files (x86)\neurowise\updateneurowise.exe
() C:\Program Files (x86)\neurowise\bin\neurowise.PurBrowse64.exe
() C:\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter64.exe
() C:\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter.exe
(FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213328 2012-10-18] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-26] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-15] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [SkyDrive] => C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-08] (Microsoft Corporation)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [uTorrent] => C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-25] (BitTorrent Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-03] (Samsung)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {01114c1d-0764-11e4-bea6-582c80139263} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {055c0a3a-d0fe-11e3-be96-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {140c7816-36ad-11e4-beb2-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800a7f-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800f34-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {25fe3a0a-bcbd-11e3-be92-582c80139263} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4768c9-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c477ef7-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4780a4-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {fd22fcb2-a2dd-11e3-be87-84a6c8e4c414} - "G:\AutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\JustCloud\JustCloud.exe (JustCloud.com)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: neurowise -> {d08ab008-0647-4784-8e2c-5769cd4a7c3a} -> C:\Program Files (x86)\neurowise\neurowisebho.dll No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default
FF Homepage: https://www.facebook.com/mark.burke.77|https://mail.google.com/mail/u/0/?pli=1#inbox|https://www.siriusxm.com/player/#view=login
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\user.js
FF Extension: iCloud Bookmarks - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\firefoxdav@icloud.com [2014-06-17]
FF Extension: Garmin Communicator - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-04-21]
FF Extension: DownloadHelper - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Route Rat - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\jid1-gj6Yirk3s75wkA@jetpack.xpi [2014-05-05]
FF Extension: neurowise - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{fe651286-52a1-461b-a17a-f258b4b81968}.xpi [2014-10-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.7 [2014-05-18]

Chrome:
=======
CHR HomePage: Default -> 4C8A98960D04E225290065E98CF390B477E949F9D6CE94A608E65DA261BBA7D8
CHR DefaultSearchKeyword: Default -> 38D0AAB7A5CCD641CDDF5C784C33DF3535117274E8E7A0E9E6816BFE9B621399
CHR DefaultSearchURL: Default -> A9F2CB76508DBA89C7A2EA9D2A6B9B09A88EC6CD07448E80B1CF064D9D3C6E62
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
R2 BackupStack; C:\Program Files (x86)\JustCloud\BackupStack.exe [36936 2014-09-18] (Just Develop It) <==== ATTENTION
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-29] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-09] (Pandora.TV)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-14] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 Update neurowise; C:\Program Files (x86)\neurowise\updateneurowise.exe [522528 2014-10-05] ()
R2 Util neurowise; C:\Program Files (x86)\neurowise\bin\utilneurowise.exe [522528 2014-10-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-11-01] (ASUS Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52320 2014-08-15] (http://libusb-win32.sourceforge.net)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
R1 {fe651286-52a1-461b-a17a-f258b4b81968}w64; C:\Windows\System32\drivers\{fe651286-52a1-461b-a17a-f258b4b81968}w64.sys [48832 2014-10-03] (StdLib)
U3 aswMBR; \??\C:\Users\Mark\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Mark\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-05 22:53 - 2014-10-05 22:53 - 00028089 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-10-05 22:53 - 2014-10-05 22:53 - 00000000 ____D () C:\FRST
2014-10-05 22:50 - 2014-10-05 22:50 - 00000598 _____ () C:\Users\Mark\Desktop\aswMBR.txt
2014-10-05 21:09 - 2014-10-05 21:09 - 00000924 _____ () C:\Users\Mark\Desktop\1 checkup.txt
2014-10-05 21:03 - 2014-10-05 21:03 - 02109440 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-10-05 20:56 - 2014-10-05 21:00 - 05185536 _____ (AVAST Software) C:\Users\Mark\Desktop\aswMBR.exe
2014-10-05 20:55 - 2014-10-05 20:55 - 00854436 _____ () C:\Users\Mark\Desktop\SecurityCheck.exe
2014-10-04 17:21 - 2014-10-03 23:04 - 00048832 _____ (StdLib) C:\WINDOWS\system32\Drivers\{fe651286-52a1-461b-a17a-f258b4b81968}w64.sys
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\QuickTime
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\custom matrices
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\C2MP
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-i-v-X - AVI Codec Pack Pro
2014-10-04 02:35 - 2014-10-05 08:45 - 00000000 ____D () C:\Program Files (x86)\neurowise
2014-10-04 02:33 - 2014-10-04 02:34 - 00699016 _____ (CNET Download.com) C:\Users\Mark\Downloads\cbsidlm-cbsi213-AVI_Codec_Pack_Pro-SEO-10509745.exe
2014-09-30 23:14 - 2014-09-30 23:16 - 00000000 ____D () C:\Users\Mark\Desktop\computer uses
2014-09-28 16:56 - 2014-09-28 17:00 - 00000000 ____D () C:\Users\Mark\Documents\To be copied
2014-09-25 04:27 - 2014-09-25 04:28 - 00690192 _____ () C:\Users\Mark\Downloads\Bagram_Offer_Letter_.zip
2014-09-24 14:16 - 2014-09-24 14:16 - 00000000 ____D () C:\Users\Mark\Documents\Shipping
2014-09-24 14:16 - 2014-09-16 19:04 - 00038027 _____ () C:\Users\Mark\Documents\EHI RW Project Ledger 9.10.14.xlsx
2014-09-24 14:14 - 2014-09-24 14:46 - 00000000 ____D () C:\Users\Mark\Documents\Downloads Ship ake-6
2014-09-23 01:15 - 2014-09-23 01:15 - 00217549 _____ () C:\Users\Mark\Documents\water.xps
2014-09-19 03:22 - 2014-09-19 03:06 - 21043967 _____ () C:\Users\Mark\Desktop\Homemade_fuel_vaporizer_on_my_lawn_mower.mp4
2014-09-18 19:15 - 2014-09-18 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-18 19:07 - 2014-09-18 19:07 - 00003094 _____ () C:\WINDOWS\System32\Tasks\{1DC34C3C-9BFD-4856-9843-F32BC48A8A98}
2014-09-18 19:05 - 2014-09-18 19:05 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 18:32 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 17:30 - 2014-09-18 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-18 14:48 - 2014-07-24 23:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-18 14:48 - 2014-07-24 23:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-18 14:48 - 2014-07-24 23:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-18 14:48 - 2014-07-24 23:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-18 14:48 - 2014-07-24 23:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-18 14:48 - 2014-07-24 23:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 23:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-18 14:48 - 2014-07-24 23:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-18 14:48 - 2014-07-24 23:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-18 14:48 - 2014-07-24 23:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 22:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-18 14:48 - 2014-07-24 22:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-18 14:48 - 2014-07-24 21:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 21:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 21:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-18 14:48 - 2014-07-24 21:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-18 14:48 - 2014-07-24 21:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 19:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 19:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-18 14:48 - 2014-07-24 19:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-18 14:48 - 2014-07-24 19:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-18 14:48 - 2014-07-24 19:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-18 14:48 - 2014-07-24 19:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-18 14:48 - 2014-07-24 19:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-18 14:48 - 2014-07-24 19:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-18 14:48 - 2014-07-24 19:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 18:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-18 14:48 - 2014-07-24 18:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-18 14:48 - 2014-07-24 18:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 18:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-18 14:48 - 2014-07-24 18:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-18 14:48 - 2014-07-24 18:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-18 14:48 - 2014-07-24 18:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-18 14:48 - 2014-07-24 18:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 18:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-18 14:48 - 2014-07-24 18:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-18 14:48 - 2014-07-24 17:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 17:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-18 14:48 - 2014-07-24 17:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-18 14:48 - 2014-07-24 17:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-18 14:48 - 2014-07-24 17:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 17:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-18 14:48 - 2014-07-24 17:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-18 14:48 - 2014-07-24 17:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-18 14:48 - 2014-07-24 17:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-18 14:48 - 2014-07-24 17:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-18 14:48 - 2014-07-24 17:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-18 14:48 - 2014-07-24 17:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-18 14:48 - 2014-07-24 17:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-18 14:48 - 2014-07-24 17:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-18 14:48 - 2014-07-24 17:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-18 14:48 - 2014-07-24 17:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-18 14:48 - 2014-07-24 16:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-18 14:48 - 2014-07-24 16:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-18 14:48 - 2014-07-24 16:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-18 14:48 - 2014-07-24 16:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-18 14:48 - 2014-07-24 16:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-18 14:48 - 2014-07-24 16:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-18 14:48 - 2014-07-24 16:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-18 14:48 - 2014-07-24 16:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-18 14:48 - 2014-07-24 16:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-18 14:48 - 2014-07-24 16:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-18 14:48 - 2014-07-24 15:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 15:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-18 14:48 - 2014-07-24 15:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-18 14:48 - 2014-07-24 15:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-18 14:48 - 2014-07-12 13:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-18 14:48 - 2014-07-12 13:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-18 14:48 - 2014-07-12 12:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-18 14:48 - 2014-07-10 07:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-18 14:48 - 2014-07-04 20:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-18 14:48 - 2014-07-04 18:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 18:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 17:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-18 14:48 - 2014-07-04 17:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-18 14:48 - 2014-06-27 14:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-18 14:48 - 2014-06-26 08:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-18 14:48 - 2014-06-26 08:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-18 14:48 - 2014-06-20 07:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-18 14:48 - 2014-06-19 10:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-18 14:48 - 2014-06-14 14:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-18 14:48 - 2014-06-14 13:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-18 14:48 - 2014-06-07 20:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-18 14:48 - 2014-06-07 18:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-18 14:48 - 2014-06-05 22:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-18 14:48 - 2014-06-05 18:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-18 14:48 - 2014-06-05 17:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-18 14:48 - 2014-05-31 13:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-18 14:48 - 2014-05-31 12:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-18 14:48 - 2014-05-29 14:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-18 14:48 - 2014-05-29 12:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-18 14:48 - 2014-05-26 15:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-18 14:48 - 2014-05-10 18:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-10 16:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-06 12:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-18 14:48 - 2014-05-06 08:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-18 14:42 - 2014-08-23 15:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-18 14:42 - 2014-08-23 15:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-18 14:42 - 2014-08-23 14:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-18 14:42 - 2014-08-23 13:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-18 14:42 - 2014-08-23 12:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-18 14:42 - 2014-08-23 12:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-18 14:42 - 2014-08-23 12:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-18 14:41 - 2014-07-30 09:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-18 14:41 - 2014-07-29 13:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-18 14:36 - 2014-08-15 08:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-17 00:31 - 2014-10-01 22:06 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop ICONS
2014-09-16 19:48 - 2014-09-16 19:04 - 00013201 _____ () C:\Users\Mark\Documents\HD Movies collection.xlsx
2014-09-16 02:35 - 2014-09-16 02:36 - 00000000 ____D () C:\Users\Mark\Desktop\Bourne Series 4 HD
2014-09-11 22:30 - 2014-09-11 22:30 - 00759482 _____ () C:\Users\Mark\Downloads\leannesstudiopics.zip
2014-09-11 17:01 - 2014-08-16 10:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 17:01 - 2014-08-16 09:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 09:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 09:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 09:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 17:01 - 2014-08-16 09:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 09:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 08:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 08:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 08:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 08:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 08:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 08:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 17:01 - 2014-08-16 08:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 17:01 - 2014-05-30 17:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 17:01 - 2014-05-30 16:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 17:01 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 17:01 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 17:01 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-11 17:01 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 17:01 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 14:57 - 2014-09-05 10:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 14:57 - 2014-09-05 10:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 14:57 - 2014-09-05 08:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 14:56 - 2014-08-02 08:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 14:28 - 2014-09-11 14:29 - 00005901 _____ () C:\Users\Mark\Downloads\Fw_ The Star Spangled Banner - as you've never heard it before!
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jawbone
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\JawboneUpdater
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Program Files (x86)\Jawbone
2014-09-08 22:24 - 2014-09-08 22:25 - 04442800 _____ (Jawbone) C:\Users\Mark\Downloads\Jawbone_Updater-2.2.4.exe
2014-09-08 22:08 - 2014-09-08 22:08 - 00000000 ____D () C:\Users\Mark\Downloads\4dd322433e0d918016dd232aa1eda0ce
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\Users\Mark\AppData\Local\DriverToolkit
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-09-08 22:05 - 2014-09-08 22:05 - 00064895 _____ () C:\Users\Mark\Downloads\4dd322433e0d918016dd232aa1eda0ce.zip
2014-09-08 22:04 - 2014-09-08 22:04 - 02396224 _____ (Megaify Software ) C:\Users\Mark\Downloads\driver_setup(1).exe
2014-09-05 23:31 - 2014-08-29 17:08 - 12093606 _____ () C:\Users\Mark\Desktop\project gravity.MOV
2014-09-05 17:00 - 2014-09-05 17:14 - 00000000 ____D () C:\Users\Mark\Documents\Xoom Requirements
2014-09-05 15:06 - 2014-09-05 15:06 - 00001168 _____ () C:\Users\Public\Desktop\MobileWiFi.lnk
2014-09-05 15:06 - 2014-09-05 15:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcecm_01007.Wdf
2014-09-05 15:06 - 2014-09-05 15:06 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-09-05 15:06 - 2014-09-05 15:06 - 00000000 ____D () C:\ProgramData\DatacardService
2014-09-05 15:06 - 2014-09-05 15:06 - 00000000 ____D () C:\Program Files (x86)\MobileWiFi
2014-09-05 15:06 - 2013-04-10 16:47 - 00245248 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juwwanecm.sys
2014-09-05 15:06 - 2013-03-21 09:57 - 00453632 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbwwan.sys
2014-09-05 15:06 - 2013-03-04 16:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcacm.sys
2014-09-05 15:06 - 2013-03-04 16:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jubusenum.sys
2014-09-05 15:06 - 2013-03-04 16:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_jucdcecm.sys
2014-09-05 15:06 - 2013-03-04 16:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_juextctrl.sys
2014-09-05 15:06 - 2013-03-04 16:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ewusbmdm.sys
2014-09-05 15:06 - 2013-01-25 09:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwusbdev.sys
2014-09-05 15:06 - 2012-12-22 09:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbenumfilter.sys
2014-09-05 15:06 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfCoInstaller01007.dll
2014-09-05 15:06 - 2010-10-08 16:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\WINDOWS\system32\Drivers\ewdcsc.sys
2014-09-05 15:06 - 2010-09-26 18:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_hwupgrade.sys
2014-09-05 15:06 - 2010-08-06 07:43 - 01001472 _____ (DiBcom SA) C:\WINDOWS\system32\Drivers\mod7700.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-05 22:52 - 2014-01-04 07:03 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\uTorrent
2014-10-05 22:20 - 2014-01-13 06:34 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 22:02 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-05 22:01 - 2014-01-03 14:15 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-05 20:04 - 2014-01-03 13:24 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579019205-3585864088-4210726827-1001
2014-10-05 19:03 - 2012-07-26 13:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-05 17:02 - 2014-01-29 10:56 - 01247143 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-05 16:20 - 2014-01-13 06:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-05 16:20 - 2014-01-13 06:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-05 09:39 - 2014-02-02 09:35 - 02907136 ___SH () C:\Users\Mark\Desktop\Thumbs.db
2014-10-05 07:24 - 2014-01-03 14:22 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\vlc
2014-10-05 06:54 - 2013-11-14 15:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-04 17:35 - 2014-01-05 05:27 - 00004996 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MBASUS31DEC2103-Mark MBAsus31Dec2103
2014-10-04 16:54 - 2014-08-05 10:57 - 00000000 ___RD () C:\Users\Mark\Google Drive
2014-10-04 16:54 - 2014-01-03 14:36 - 00000000 ___DO () C:\Users\Mark\SkyDrive
2014-10-04 16:54 - 2014-01-03 13:16 - 00000422 _____ () C:\Users\Mark\AppData\Roaming\sp_data.sys
2014-10-04 02:04 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-04 01:46 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-03 23:08 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-01 16:46 - 2014-01-14 16:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-01 15:22 - 2014-08-27 08:42 - 00018516 _____ () C:\WINDOWS\setupact.log
2014-10-01 12:17 - 2014-01-04 02:52 - 00000000 ____D () C:\Users\Mark\Desktop\Work
2014-10-01 12:10 - 2014-08-08 12:07 - 00007887 _____ () C:\WINDOWS\BRRBCOM.INI
2014-09-30 23:15 - 2014-03-15 18:45 - 00823808 ___SH () C:\Users\Mark\Downloads\Thumbs.db
2014-09-30 18:23 - 2014-07-31 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-30 18:23 - 2014-03-25 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-30 18:23 - 2013-11-14 15:20 - 00043802 _____ () C:\WINDOWS\PFRO.log
2014-09-30 18:23 - 2013-08-22 22:44 - 00371720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-28 19:00 - 2014-01-03 14:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-09-28 08:11 - 2014-01-03 14:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-26 00:33 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-25 17:12 - 2014-05-05 13:59 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Free Download Manager
2014-09-25 14:22 - 2014-01-03 13:15 - 00000000 ____D () C:\Users\Mark\AppData\Local\Packages
2014-09-24 23:10 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-19 23:23 - 2014-01-23 05:58 - 00025594 _____ () C:\Users\Mark\Downloads\EHI Expense Form_ 2014(1).xlsx
2014-09-18 22:15 - 2014-01-11 14:16 - 00000000 ____D () C:\Program Files (x86)\JustCloud
2014-09-18 19:16 - 2014-08-16 20:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 19:15 - 2014-01-03 14:44 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 19:15 - 2014-01-03 14:44 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 18:15 - 2014-01-15 14:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:11 - 2014-03-06 01:55 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Apple Computer
2014-09-18 18:07 - 2013-11-14 15:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-18 18:07 - 2013-08-22 21:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-18 15:40 - 2014-01-04 00:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-18 15:38 - 2014-01-04 00:45 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-17 14:34 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop pics
2014-09-17 02:38 - 2014-07-11 03:37 - 00000000 ____D () C:\Users\Mark\Desktop\2014-07-10 Energy
2014-09-17 00:27 - 2014-02-26 18:28 - 00000000 ____D () C:\Users\Mark\Documents\PDF files
2014-09-11 23:02 - 2014-07-11 12:21 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-11 22:56 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-11 17:01 - 2014-01-14 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 15:01 - 2014-01-03 14:15 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mark\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Mark\AppData\Local\Temp\_is5206.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-04 17:28

==================== End Of Log ============================








Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2014 01
Ran by Mark at 2014-10-05 22:53:49
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Any Video Converter Professional 5.6.4 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0006 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J100 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{DFF135C9-274E-443B-B2D1-FF0FD93EE790}) (Version: 0.7.53 - Kovid Goyal)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft)
D-i-v-X AVI Codec Pack Pro 2.4.0 (HKLM-x32\...\D-i-v-X - AVI Codec Pack Pro) (Version: - D-i-v-X AVI Codec Pack Pro)
DriverToolkit version 8.3.5.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.5.0 - Megaify Software)
Easy Duplicate Finder v. 1.4.3.0 (HKLM-x32\...\Easy Duplicate Finder_is1) (Version: - EasyDuplicateFinder.com)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro CineForm Studio 1.3.2 (HKLM-x32\...\GoPro CineForm Studio) (Version: 1.3.2 - CineForm, Inc & GoPro, Inc.)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
I-Doser Premium (HKLM-x32\...\I-Doser) (Version: 5.1 - I-Doser.com)
inReach Sync (HKLM-x32\...\{1f79722c-9f58-458a-908a-b1d7a5668f5f}) (Version: 1.2.2.8929 - DeLorme)
inReach Sync (x32 Version: 1.2.2.8929 - DeLorme) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0236 - Motorola Solutions, Inc)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Jawbone Updater (HKLM-x32\...\Jawbone Updater) (Version: 0.1 - Jawbone)
JustCloud (HKLM\...\JustCloud) (Version: - JustCloud)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.22.01.124 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.07.00 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
neurowise (HKLM\...\neurowise) (Version: 2014.10.03.135931 - neurowise)
NWZ-E380 WALKMAN Guide (HKLM-x32\...\{D98ED583-338D-4425-B2EF-A4C7FB93CE88}) (Version: 2.2.0.05230 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
PDF Ripper 2.06 (HKLM\...\PDF Ripper_is1) (Version: 2.06 - PDF Bean, Inc.)
PDF4U Pro 3.01 (HKLM\...\PDF4U Pro_is1) (Version: 3.01 - PDF Bean Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6760 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SharePointDesigner_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SharePointDesigner_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SharePointDesigner_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1579019205-3585864088-4210726827-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-09-2014 07:38:25 Windows Update
24-09-2014 15:10:04 Windows Update
01-10-2014 22:50:22 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {087DED7D-AC99-4F75-A250-B62216ED8FA9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C641BE9-788E-477D-93C1-4207CFB0B58B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {11D49DAE-915C-44FE-84EE-FC1064000A1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {1FFB6638-C088-4D2F-BEF7-8E25E008BE5E} - System32\Tasks\{1DC34C3C-9BFD-4856-9843-F32BC48A8A98} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1618
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {225E6EEE-BB6D-4CB7-93F0-AB7156F544BB} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe [2014-09-18] (JustCloud.com)
Task: {26AA878B-F090-4957-80DE-9225CDCC573B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MBASUS31DEC2103-Mark MBAsus31Dec2103 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-28] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EF60F10-7206-4557-A756-238A72FFBAB4} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A22A094-3865-4A43-AC28-6B49BCAC62C7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51E3A16F-FF47-4BF9-941B-A7F998BE8D4A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-25] (ASUSTek Computer Inc.)
Task: {61AC5CCE-0EAD-4163-8475-1DCE870825A5} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1579019205-3585864088-4210726827-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {67C2429F-8221-4977-8AE6-AD5FE5EF67D4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-18] (Microsoft Corporation)
Task: {68C8F863-269D-423D-ABDD-98A2170DA3C0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71B41782-F774-4025-8B9B-88E85BC0D8D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {780052BD-DE61-4710-A418-CBE299CCF3E6} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-01] (AsusTek)
Task: {7F6A4113-C15A-4BA4-8E51-46B6AC7A4359} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {97EF2A86-49CE-4190-84E6-8E191D4A03DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9C5E3C4C-0643-42F2-B318-4A868A648797} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A51ECFD5-943B-42DA-974E-69D9E3FE287C} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-23] (ASUSTeK Computer Inc.)
Task: {AC9BEFB8-14EA-462E-9F21-B917407119B3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {CB1D65C4-27E6-4990-95E2-0C95A9D91C07} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D33DB75C-903E-4DCA-A19F-B58F99072265} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D3BC28FE-5BDB-4BBE-8F33-32B9071547EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EAAD3020-1CF7-48C8-824B-B276CEE29271} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-10-18] (ASUS)
Task: {F0449E19-D09D-4A59-94A1-9B641FAB0053} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {F5A7808C-566A-4310-80C5-AADE8ECD83DD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-04 09:24 - 2014-05-20 13:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-10 13:58 - 2013-04-10 13:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-03-03 22:38 - 2013-07-23 11:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2013-09-20 06:32 - 2013-09-20 06:32 - 01102336 _____ () C:\Program Files (x86)\JustCloud\x64\System.Data.SQLite.dll
2014-09-18 13:35 - 2014-09-18 13:35 - 00012288 _____ () C:\Program Files (x86)\JustCloud\GetText.dll
2013-09-20 06:32 - 2013-09-20 06:32 - 00048128 _____ () C:\Program Files (x86)\JustCloud\diffstack.dll
2013-09-20 06:32 - 2013-09-20 06:32 - 00063488 _____ () C:\Program Files (x86)\JustCloud\Crypto64.dll
2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-09-28 08:09 - 2014-09-28 08:09 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-02 05:02 - 2013-10-02 05:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-15 08:50 - 2014-08-15 08:50 - 04357752 _____ () C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
2012-10-18 01:51 - 2012-10-18 01:51 - 00168664 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2014-04-17 22:10 - 2014-04-17 22:10 - 00162816 _____ () C:\Users\Mark\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
2014-10-04 17:20 - 2014-10-05 19:02 - 00522528 _____ () C:\Program Files (x86)\neurowise\bin\utilneurowise.exe
2014-10-03 22:31 - 2014-10-05 19:03 - 00522528 _____ () C:\Program Files (x86)\neurowise\updateneurowise.exe
2014-10-04 17:21 - 2014-10-05 02:08 - 00349984 _____ () C:\Program Files (x86)\neurowise\bin\neurowise.PurBrowse64.exe
2014-10-04 17:21 - 2014-10-05 17:08 - 00114976 _____ () C:\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter64.exe
2014-10-05 08:45 - 2014-10-05 17:08 - 00098592 _____ () C:\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter.exe
2014-02-13 00:58 - 2014-02-13 00:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-13 00:58 - 2014-02-13 00:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-14 16:50 - 2012-08-24 02:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-01-14 16:50 - 2013-05-17 02:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-01-14 16:50 - 2013-05-17 02:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-01-14 16:50 - 2013-05-17 02:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-01-14 16:50 - 2012-04-04 09:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-03 14:28 - 2012-10-23 03:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2014-01-03 14:28 - 2011-12-07 08:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2014-01-03 14:28 - 2012-07-10 09:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2014-01-03 14:28 - 2012-03-24 02:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2014-08-08 12:06 - 2009-02-27 21:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-01-15 12:13 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-28 08:09 - 2014-09-28 08:09 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-10-04 16:54 - 2014-10-04 16:54 - 00098816 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32api.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00110080 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\pywintypes27.dll
2014-10-04 16:54 - 2014-10-04 16:54 - 00364544 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\pythoncom27.dll
2014-10-04 16:54 - 2014-10-04 16:54 - 00045568 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_socket.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 01160704 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_ssl.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00320512 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32com.shell.shell.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00713216 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_hashlib.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 01175040 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._core_.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00805888 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._gdi_.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00811008 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._windows_.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 01062400 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._controls_.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00735232 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._misc_.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00128512 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_elementtree.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00127488 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\pyexpat.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00557056 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\pysqlite2._sqlite.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00007168 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\hashobjs_ext.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00087552 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_ctypes.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00119808 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32file.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00108544 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32security.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00018432 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32event.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00038912 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32inet.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00070656 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._html2.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00167936 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32gui.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00011264 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32crypt.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00027136 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\_multiprocessing.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00686080 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\unicodedata.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00122368 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._wizard.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00010240 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\select.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00024064 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32pipe.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00025600 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32pdh.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00525640 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\windows._lib_cacheinvalidation.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00035840 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32process.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00017408 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32profile.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00022528 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\win32ts.pyd
2014-10-04 16:54 - 2014-10-04 16:54 - 00078336 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI40322\wx._animate.pyd
2012-10-18 01:51 - 2012-10-18 01:51 - 00011776 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2014-07-31 10:47 - 2014-09-30 18:20 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-18 12:00 - 2014-05-18 12:00 - 00284160 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.7\components\vmsfdmff30.dll
2014-05-05 13:57 - 2014-04-22 21:52 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2014-10-05 08:45 - 2014-10-05 02:19 - 00195360 ____N () C:\Program Files (x86)\neurowise\bin\fe65128652a1461ba17a.dll
2014-05-05 13:57 - 2014-04-29 12:43 - 03553280 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Mark\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "CineForm Status.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKCU\...\StartupApproved\Run: => "SkyDrive"
HKCU\...\StartupApproved\Run: => "Skype"
HKCU\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKCU\...\StartupApproved\Run: => "uTorrent"
HKCU\...\StartupApproved\Run: => "KiesPreload"

========================= Accounts: ==========================

Administrator (S-1-5-21-1579019205-3585864088-4210726827-500 - Administrator - Disabled)
Guest (S-1-5-21-1579019205-3585864088-4210726827-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1579019205-3585864088-4210726827-1003 - Limited - Enabled)
Mark (S-1-5-21-1579019205-3585864088-4210726827-1001 - Administrator - Enabled) => C:\Users\Mark

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 34426656

Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 34426656

Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2014 05:51:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0xbdc
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (10/04/2014 05:21:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 32.0.3.5379, time stamp: 0x54224e6b
Faulting module name: mozalloc.dll, version: 32.0.3.5379, time stamp: 0x54221b67
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x1a9c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (10/04/2014 05:14:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 361157

Error: (10/04/2014 05:14:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 361157


System errors:
=============
Error: (09/28/2014 05:47:21 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUSTUS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 04:01:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUSTUS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 02:52:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DOMINIQUE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 10:53:49 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUSTUS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 05:49:52 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ROHAN-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 01:53:30 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUSTUS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/28/2014 00:51:18 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUSTUS-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/27/2014 10:58:38 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer SDWM-20140529NU
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{958B2E52-9881-4BB0-B80E-FB26F359D3DB}.
The master browser is stopping or an election is being forced.

Error: (09/27/2014 10:30:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.1.5.153.
The computer with the IP address 10.1.6.63 did not allow the name to be claimed by
this computer.

Error: (09/27/2014 10:25:07 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 10.1.5.153.
The computer with the IP address 10.1.6.63 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 34426656

Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 34426656

Error: (10/05/2014 06:50:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250

Error: (10/04/2014 09:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2014 05:51:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141bbdc01cfdfb4a6c30e62C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf8b07144-4bab-11e4-beba-84a6c8e4c414

Error: (10/04/2014 05:21:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe32.0.3.537954224e6bmozalloc.dll32.0.3.537954221b67800000030000141b1a9c01cfdfb0daa02614C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllc70e2d64-4ba7-11e4-beba-84a6c8e4c414

Error: (10/04/2014 05:14:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 361157

Error: (10/04/2014 05:14:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 361157


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8081.76 MB
Available physical RAM: 4864.48 MB
Total Pagefile: 9361.76 MB
Available Pagefile: 5242.99 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:178.51 GB) (Free:14.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:247.26 GB) (Free:17.26 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 8100DCBC)

Partition: GPT Partition Type.

==================== End Of Log ============================




Done as instructed...

the only thing is that i did not see the MBR.DAT file created on the desktop.

Thanks,

MB
OCD
2014-10-06, 04:52
Hi lonchpad,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) P2P - (Peer to Peer)

I see you have/had P2P software uTorrent/BitTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page (http://malwareremoval.com/p2pindex.php) will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I highly recommed that you uninstall uTorrent/BitTorrent.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool

Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Select Scan tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)
Select type of scan to perform:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMScanTab_zps2c5e74bd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMScanTab_zps2c5e74bd.gif.html)

Threat Scan < --- Select this type of scan
Custom Scan
Hyper Scan

Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Also select the Addition.txt box
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

AdwCleaner[S0].txt
JRT.txt
MBAM log
Fresh FRST.txt
Addition.txt
How is the computer running at the moment?
lonchpad
2014-10-07, 07:48
I thank you for all your help.

It's help like this gives me hope in humanity once again.

so far so good, the ads went away after the junkware removal tool.

I was not able to save the malwarebites logs before the computer restarted but went to history and exported the logs, I hope that is what you are looking for , if not please advise where I can find the logs you are looking for.

again, Thank you kindly.

MB




# AdwCleaner v3.311 - Report created 07/10/2014 at 10:10:26
# Updated 30/09/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Mark - MBASUS31DEC2103
# Running from : C:\Users\Mark\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : BackupStack
[#] Service Deleted : Update neurowise
[#] Service Deleted : Util neurowise
Service Deleted : {fe651286-52a1-461b-a17a-f258b4b81968}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\JustCloud
[!] Folder Deleted : C:\Program Files (x86)\neurowise
Folder Deleted : C:\Users\Mark\AppData\Local\genienext
Folder Deleted : C:\Users\Mark\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Mark\AppData\Local\torch
Folder Deleted : C:\Users\Mark\AppData\Local\Temp\neurowise
Folder Deleted : C:\Users\Mark\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
Folder Deleted : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Folder Deleted : C:\Users\Mark\Documents\Mobogenie
File Deleted : C:\WINDOWS\System32\drivers\{fe651286-52a1-461b-a17a-f258b4b81968}w64.sys
File Deleted : C:\Users\Mark\daemonprocess.txt
File Deleted : C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
File Deleted : C:\Users\Mark\Desktop\JustCloud.lnk
File Deleted : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchApp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateneurowise_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateneurowise_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilneurowise_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilneurowise_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update neurowise
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util neurowise
Key Deleted : HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\updateneurowise.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{724dd777-5654-4d06-b3bc-c2ff56615998}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d08ab008-0647-4784-8e2c-5769cd4a7c3a}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\neurowise
Key Deleted : HKCU\Software\AppDataLow\Software\Re_Markit
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\neurowise
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\neurowise

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v32.0.3 (x86 en-US)

[ File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\prefs.js ]


-\\ Google Chrome v37.0.2062.124

[ File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : dcpfhaghaadpjpgocojgnlhjcieeooel
Deleted [Extension] : hphehadppenpmajgnkjdcopcfijjegaf

*************************

AdwCleaner[R0].txt - [6737 octets] - [07/10/2014 10:07:46]
AdwCleaner[S0].txt - [6242 octets] - [07/10/2014 10:10:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6302 octets] ##########










~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 8.1 x64
Ran by Mark on Tue 10/07/2014 at 10:36:59.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVERTOOLKIT.EXE-0EC65877.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVER_SETUP(1).TMP-120BC49A.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVER_SETUP(1).TMP-3C2C846E.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVER_SETUP(1).TMP-AABAE752.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVER_SETUP(1).TMP-B2A455EA.pf
Successfully deleted: [File] C:\WINDOWS\prefetch\DRIVER_SETUP(1).TMP-C58496D9.pf



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\188zl65w.default\extensions\staged
Emptied folder: C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\188zl65w.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/07/2014 at 10:40:47.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~











Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 10/7/2014 10:46:42 AM, SYSTEM, MBASUS31DEC2103, Protection, Malware Protection, Starting,
Protection, 10/7/2014 10:46:42 AM, SYSTEM, MBASUS31DEC2103, Protection, Malware Protection, Started,
Protection, 10/7/2014 10:46:42 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Starting,
Protection, 10/7/2014 10:46:43 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Started,
Detection, 10/7/2014 10:46:48 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63119, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:46:48 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63119, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:46:48 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63122, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe,
Update, 10/7/2014 10:47:02 AM, SYSTEM, MBASUS31DEC2103, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1,
Update, 10/7/2014 10:47:50 AM, SYSTEM, MBASUS31DEC2103, Manual, Malware Database, 2014.3.4.9, 2014.10.7.2,
Detection, 10/7/2014 10:47:51 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63165, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Protection, 10/7/2014 10:47:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Refresh, Starting,
Protection, 10/7/2014 10:47:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Stopping,
Protection, 10/7/2014 10:47:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Stopped,
Protection, 10/7/2014 10:48:01 AM, SYSTEM, MBASUS31DEC2103, Protection, Refresh, Success,
Protection, 10/7/2014 10:48:01 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Starting,
Protection, 10/7/2014 10:48:02 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Started,
Detection, 10/7/2014 10:48:51 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63188, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:48:51 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63188, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:49:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63191, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:50:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63193, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:51:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63195, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:52:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63219, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:53:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63221, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:54:28 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63222, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:54:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63230, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:55:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63233, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:56:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63235, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:57:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63237, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:58:54 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63239, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 10:59:55 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63246, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:00:55 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63248, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:01:55 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63252, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:02:55 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63258, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:02:55 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63258, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Protection, 10/7/2014 11:03:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malware Protection, Starting,
Protection, 10/7/2014 11:03:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malware Protection, Started,
Protection, 10/7/2014 11:03:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Starting,
Protection, 10/7/2014 11:03:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, Started,
Detection, 10/7/2014 11:03:18 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49161, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:03:18 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49161, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:04:10 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49185, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe,
Detection, 10/7/2014 11:04:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49189, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:05:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49238, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:06:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49258, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:07:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49271, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:08:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49285, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:09:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49299, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:10:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49313, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:11:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49327, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:12:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49340, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:13:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49354, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:13:35 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49359, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:14:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49380, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:15:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49394, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:16:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49408, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:17:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49421, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:18:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49438, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:19:15 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49458, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:20:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49472, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:21:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49485, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:22:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49499, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:23:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49513, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:23:47 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49520, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:24:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49529, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:25:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49543, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:26:16 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49556, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:27:18 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49567, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:28:19 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49578, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:29:19 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49590, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:30:20 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49602, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:31:21 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49614, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:32:23 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49627, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:33:23 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49640, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:34:01 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49649, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:34:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49656, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:35:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49670, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:36:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49684, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:37:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49698, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:38:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49711, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:39:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49725, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:40:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49739, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:41:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49753, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:42:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49767, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:43:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49780, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:44:14 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49791, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:44:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49796, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:45:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49810, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:46:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49824, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:47:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49837, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:48:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49855, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:49:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49874, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:50:24 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49889, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:51:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49903, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:52:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49916, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:53:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49929, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:54:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49944, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:54:26 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49945, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:55:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49961, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:56:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49976, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:57:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 49989, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:58:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 50003, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 11:59:25 AM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 50017, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:00:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 50033, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:01:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59148, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:02:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59175, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:03:17 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59255, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe,
Detection, 10/7/2014 12:03:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59257, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:04:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59281, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:04:38 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59284, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:05:25 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59298, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:06:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59312, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:07:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59325, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:08:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59344, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:09:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59359, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:10:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 59400, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:11:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63505, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:12:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63522, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:13:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63537, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,
Detection, 10/7/2014 12:14:26 PM, SYSTEM, MBASUS31DEC2103, Protection, Malicious Website Protection, IP, 111.111.111.111, imgcdn.ptvcdn.net, 63557, Outbound, C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe,

(end)







Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 10/7/2014
Scan Time: 10:48:09 AM
Logfile: 111.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.10.07.02
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Mark

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 326274
Time Elapsed: 12 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\updateneurowise.exe, 5452, Delete-on-Reboot, [ab336aa78fed70c61b02b3f970915da3]

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.Neurowise.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update neurowise, Quarantined, [ab336aa78fed70c61b02b3f970915da3],
PUP.Optional.Neurowise.A, HKLM\SOFTWARE\WOW6432NODE\neurowise, Quarantined, [0bd3cd4426564cea806739e0f40f25db],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 4
PUP.Optional.Neurowise.A, C:\Program Files (x86)\neurowise\updateneurowise.exe, Delete-on-Reboot, [ab336aa78fed70c61b02b3f970915da3],
PUP.Optional.DealioTB.A, C:\Users\Mark\AppData\Local\Temp\dlm8922.tmp\avi.codec.pack.pro.v2.4.0.setup.exe, Quarantined, [eef0de332e4eaf87592c8c9a71941ee2],
PUP.Optional.BundleInstaller.A, C:\Users\Mark\Downloads\google earth setup.exe, Quarantined, [904e20f1621a80b68cc61734629f7090],
PUP.Optional.Neurowise.A, C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\extensions\{fe651286-52a1-461b-a17a-f258b4b81968}.xpi, Quarantined, [538b8a87611bde58e900d93cb64dcc34],

Physical Sectors: 0
(No malicious items detected)


(end)











Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Mark at 2014-10-07 12:39:45
Running from C:\Users\Mark\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Any Video Converter Professional 5.6.4 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0006 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J100 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
calibre (HKLM-x32\...\{DFF135C9-274E-443B-B2D1-FF0FD93EE790}) (Version: 0.7.53 - Kovid Goyal)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version: - Microsoft)
D-i-v-X AVI Codec Pack Pro 2.4.0 (HKLM-x32\...\D-i-v-X - AVI Codec Pack Pro) (Version: - D-i-v-X AVI Codec Pack Pro)
DriverToolkit version 8.3.5.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.3.5.0 - Megaify Software)
Easy Duplicate Finder v. 1.4.3.0 (HKLM-x32\...\Easy Duplicate Finder_is1) (Version: - EasyDuplicateFinder.com)
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro CineForm Studio 1.3.2 (HKLM-x32\...\GoPro CineForm Studio) (Version: 1.3.2 - CineForm, Inc & GoPro, Inc.)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
I-Doser Premium (HKLM-x32\...\I-Doser) (Version: 5.1 - I-Doser.com)
inReach Sync (HKLM-x32\...\{1f79722c-9f58-458a-908a-b1d7a5668f5f}) (Version: 1.2.2.8929 - DeLorme)
inReach Sync (x32 Version: 1.2.2.8929 - DeLorme) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0236 - Motorola Solutions, Inc)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Jawbone Updater (HKLM-x32\...\Jawbone Updater) (Version: 0.1 - Jawbone)
JustCloud (HKLM\...\JustCloud) (Version: - JustCloud)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SharePoint Designer 2010 (HKLM\...\Office14.SharePointDesigner) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.22.01.124 - Huawei Technologies Co.,Ltd)
MobileWiFi (HKLM-x32\...\MobileWiFi) (Version: TOOL-ConnLaucher_WIN1.12.07.00 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NWZ-E380 WALKMAN Guide (HKLM-x32\...\{D98ED583-338D-4425-B2EF-A4C7FB93CE88}) (Version: 2.2.0.05230 - Sony Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
PDF Ripper 2.06 (HKLM\...\PDF Ripper_is1) (Version: 2.06 - PDF Bean, Inc.)
PDF4U Pro 3.01 (HKLM\...\PDF4U Pro_is1) (Version: 3.01 - PDF Bean Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6760 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{98223B6C-F59E-4928-B553-43605D52ED19}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SharePointDesigner_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SharePointDesigner_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SharePointDesigner_{860EE8B1-0B9F-4A8A-91FE-649CD3C6754C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0017-0000-1000-0000000FF1CE}_Office14.SharePointDesigner_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1579019205-3585864088-4210726827-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

18-09-2014 07:38:25 Windows Update
24-09-2014 15:10:04 Windows Update
01-10-2014 22:50:22 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {087DED7D-AC99-4F75-A250-B62216ED8FA9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C641BE9-788E-477D-93C1-4207CFB0B58B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {11D49DAE-915C-44FE-84EE-FC1064000A1F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-13] (Google Inc.)
Task: {1FFB6638-C088-4D2F-BEF7-8E25E008BE5E} - System32\Tasks\{1DC34C3C-9BFD-4856-9843-F32BC48A8A98} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/en/go/help.faq.installer?LastError=1618
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26AA878B-F090-4957-80DE-9225CDCC573B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MBASUS31DEC2103-Mark MBAsus31Dec2103 => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-28] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EF60F10-7206-4557-A756-238A72FFBAB4} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A22A094-3865-4A43-AC28-6B49BCAC62C7} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {51E3A16F-FF47-4BF9-941B-A7F998BE8D4A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-25] (ASUSTek Computer Inc.)
Task: {61AC5CCE-0EAD-4163-8475-1DCE870825A5} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1579019205-3585864088-4210726827-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {68C8F863-269D-423D-ABDD-98A2170DA3C0} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-25] (ASUS)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71B41782-F774-4025-8B9B-88E85BC0D8D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {780052BD-DE61-4710-A418-CBE299CCF3E6} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-01] (AsusTek)
Task: {7F6A4113-C15A-4BA4-8E51-46B6AC7A4359} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8E62818F-FF37-4F75-8CA9-6645359B0199} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-18] (Microsoft Corporation)
Task: {97EF2A86-49CE-4190-84E6-8E191D4A03DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9C5E3C4C-0643-42F2-B318-4A868A648797} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A51ECFD5-943B-42DA-974E-69D9E3FE287C} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-23] (ASUSTeK Computer Inc.)
Task: {AC9BEFB8-14EA-462E-9F21-B917407119B3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {CB1D65C4-27E6-4990-95E2-0C95A9D91C07} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D33DB75C-903E-4DCA-A19F-B58F99072265} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D3BC28FE-5BDB-4BBE-8F33-32B9071547EE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EAAD3020-1CF7-48C8-824B-B276CEE29271} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-10-18] (ASUS)
Task: {F0449E19-D09D-4A59-94A1-9B641FAB0053} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {F5A7808C-566A-4310-80C5-AADE8ECD83DD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-25] (ASUS)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-04 09:24 - 2014-05-20 13:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-04-10 13:58 - 2013-04-10 13:58 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-03-03 22:38 - 2013-07-23 11:47 - 00239696 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2014-09-28 08:09 - 2014-09-28 08:09 - 08894120 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-08-25 09:26 - 2012-08-25 09:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-02 05:02 - 2013-10-02 05:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-18 01:51 - 2012-10-18 01:51 - 00168664 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2014-02-13 00:58 - 2014-02-13 00:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-13 00:58 - 2014-02-13 00:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-14 16:50 - 2012-08-24 02:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-01-14 16:50 - 2013-05-17 02:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-01-14 16:50 - 2013-05-17 02:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-01-14 16:50 - 2013-05-17 02:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-01-14 16:50 - 2012-04-04 09:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-03 14:28 - 2012-10-23 03:21 - 01277952 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avformat-53.dll
2014-01-03 14:28 - 2011-12-07 08:19 - 00133632 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avutil-51.dll
2014-01-03 14:28 - 2012-07-10 09:57 - 02090496 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\avcodec-53.dll
2014-01-03 14:28 - 2012-03-24 02:07 - 00224768 _____ () C:\Program Files (x86)\PANDORA.TV\PanService\libupnp.dll
2014-10-07 11:04 - 2014-10-07 11:04 - 00098816 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32api.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00110080 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\pywintypes27.dll
2014-10-07 11:04 - 2014-10-07 11:04 - 00364544 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\pythoncom27.dll
2014-10-07 11:04 - 2014-10-07 11:04 - 00045568 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_socket.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 01160704 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_ssl.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00320512 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32com.shell.shell.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00713216 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_hashlib.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 01175040 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._core_.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00805888 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._gdi_.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00811008 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._windows_.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 01062400 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._controls_.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00735232 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._misc_.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00128512 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_elementtree.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00127488 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\pyexpat.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00557056 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\pysqlite2._sqlite.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00007168 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\hashobjs_ext.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00087552 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_ctypes.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00119808 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32file.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00108544 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32security.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00018432 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32event.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00038912 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32inet.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00070656 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._html2.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00167936 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32gui.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00011264 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32crypt.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00027136 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\_multiprocessing.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00686080 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\unicodedata.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00122368 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._wizard.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00010240 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\select.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00024064 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32pipe.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00025600 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32pdh.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00525640 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\windows._lib_cacheinvalidation.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00035840 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32process.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00017408 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32profile.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00022528 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\win32ts.pyd
2014-10-07 11:04 - 2014-10-07 11:04 - 00078336 _____ () C:\Users\Mark\AppData\Local\Temp\_MEI69482\wx._animate.pyd
2014-09-28 08:09 - 2014-09-28 08:09 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-08-08 12:06 - 2009-02-27 21:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-10-18 01:51 - 2012-10-18 01:51 - 00011776 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-01-15 12:13 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-07-31 10:47 - 2014-09-30 18:20 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-07 10:25 - 2014-10-07 10:25 - 00284160 _____ () C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8\components\vmsfdmff30.dll
2014-05-05 13:57 - 2014-04-22 21:52 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Mark\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "CineForm Status.lnk"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKCU\...\StartupApproved\Run: => "SkyDrive"
HKCU\...\StartupApproved\Run: => "Skype"
HKCU\...\StartupApproved\Run: => "Messenger (Yahoo!)"
HKCU\...\StartupApproved\Run: => "uTorrent"
HKCU\...\StartupApproved\Run: => "KiesPreload"

========================= Accounts: ==========================

Administrator (S-1-5-21-1579019205-3585864088-4210726827-500 - Administrator - Disabled)
Guest (S-1-5-21-1579019205-3585864088-4210726827-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1579019205-3585864088-4210726827-1003 - Limited - Enabled)
Mark (S-1-5-21-1579019205-3585864088-4210726827-1001 - Administrator - Enabled) => C:\Users\Mark

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2014 11:00:34 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


System errors:
=============
Error: (10/07/2014 11:02:53 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 11:02:23 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:56:52 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:56:22 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:50:50 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:50:20 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:44:48 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:44:18 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:43:47 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (10/07/2014 10:43:17 AM) (Source: DCOM) (EventID: 10010) (User: MBASUS31DEC2103)
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}


Microsoft Office Sessions:
=========================
Error: (10/07/2014 11:00:34 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 32%
Total physical RAM: 8081.76 MB
Available physical RAM: 5434.8 MB
Total Pagefile: 9361.76 MB
Available Pagefile: 6374.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:178.51 GB) (Free:12.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:247.26 GB) (Free:17.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 8100DCBC)

Partition: GPT Partition Type.

==================== End Of Log ============================










Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Mark (administrator) on MBASUS31DEC2103 on 07-10-2014 12:38:37
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213328 2012-10-18] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-26] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-15] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [SkyDrive] => C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-08] (Microsoft Corporation)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [uTorrent] => C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-25] (BitTorrent Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-03] (Samsung)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {01114c1d-0764-11e4-bea6-582c80139263} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {055c0a3a-d0fe-11e3-be96-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {140c7816-36ad-11e4-beb2-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800a7f-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800f34-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {25fe3a0a-bcbd-11e3-be92-582c80139263} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4768c9-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c477ef7-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4780a4-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {fd22fcb2-a2dd-11e3-be87-84a6c8e4c414} - "G:\AutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default
FF Homepage: https://www.facebook.com/mark.burke.77|https://mail.google.com/mail/u/0/?pli=1#inbox|https://www.siriusxm.com/player/#view=login
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iCloud Bookmarks - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\firefoxdav@icloud.com [2014-06-17]
FF Extension: Garmin Communicator - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-04-21]
FF Extension: DownloadHelper - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Route Rat - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\jid1-gj6Yirk3s75wkA@jetpack.xpi [2014-05-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: Free Download Manager plugin - C:\ProgramData\Free Download Manager\Firefox\Extensions\1.6.0.8 [2014-10-07]

Chrome:
=======
CHR HomePage: Default -> 4C8A98960D04E225290065E98CF390B477E949F9D6CE94A608E65DA261BBA7D8
CHR DefaultSearchKeyword: Default -> 38D0AAB7A5CCD641CDDF5C784C33DF3535117274E8E7A0E9E6816BFE9B621399
CHR DefaultSearchURL: Default -> A9F2CB76508DBA89C7A2EA9D2A6B9B09A88EC6CD07448E80B1CF064D9D3C6E62
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-29] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-09] (Pandora.TV)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-14] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-11-01] (ASUS Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52320 2014-08-15] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 12:16 - 2014-10-07 12:16 - 00000000 ____D () C:\Users\Mark\Desktop\FRST-OlderVersion
2014-10-07 12:15 - 2014-10-07 12:15 - 00024549 _____ () C:\Users\Mark\Desktop\11.txt
2014-10-07 12:15 - 2014-10-07 12:15 - 00001966 _____ () C:\Users\Mark\Desktop\111.txt
2014-10-07 10:46 - 2014-10-07 11:03 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-07 10:45 - 2014-10-07 10:45 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-07 10:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-07 10:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-07 10:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-07 10:41 - 2014-10-07 10:41 - 00001571 _____ () C:\Users\Mark\Desktop\JRT2.txt
2014-10-07 10:40 - 2014-10-07 10:40 - 00001571 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-10-07 10:36 - 2014-10-07 10:36 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-07 10:33 - 2014-10-07 10:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-07 10:27 - 2014-10-07 10:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-07 10:26 - 2014-10-07 10:26 - 01705141 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-10-07 10:18 - 2014-10-07 10:18 - 00006410 _____ () C:\Users\Mark\Desktop\AdwCleaner[S0].txt
2014-10-07 10:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-10-07 10:07 - 2014-10-07 10:10 - 00000000 ____D () C:\AdwCleaner
2014-10-07 10:05 - 2014-10-07 10:05 - 01375089 _____ () C:\Users\Mark\Desktop\AdwCleaner.exe
2014-10-05 22:53 - 2014-10-07 12:39 - 00025884 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-10-05 22:53 - 2014-10-07 12:38 - 00000000 ____D () C:\FRST
2014-10-05 22:53 - 2014-10-05 22:58 - 00046419 _____ () C:\Users\Mark\Desktop\Addition.txt
2014-10-05 22:50 - 2014-10-05 22:50 - 00000598 _____ () C:\Users\Mark\Desktop\aswMBR.txt
2014-10-05 21:09 - 2014-10-05 21:09 - 00000924 _____ () C:\Users\Mark\Desktop\1 checkup.txt
2014-10-05 21:03 - 2014-10-07 12:16 - 02109952 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-10-05 20:56 - 2014-10-05 21:00 - 05185536 _____ (AVAST Software) C:\Users\Mark\Desktop\aswMBR.exe
2014-10-05 20:55 - 2014-10-05 20:55 - 00854436 _____ () C:\Users\Mark\Desktop\SecurityCheck.exe
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\QuickTime
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\custom matrices
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\C2MP
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-i-v-X - AVI Codec Pack Pro
2014-10-04 02:35 - 2014-10-07 11:03 - 00000000 ____D () C:\Program Files (x86)\neurowise
2014-10-04 02:33 - 2014-10-04 02:34 - 00699016 _____ (CNET Download.com) C:\Users\Mark\Downloads\cbsidlm-cbsi213-AVI_Codec_Pack_Pro-SEO-10509745.exe
2014-09-30 23:14 - 2014-09-30 23:16 - 00000000 ____D () C:\Users\Mark\Desktop\computer uses
2014-09-28 16:56 - 2014-09-28 17:00 - 00000000 ____D () C:\Users\Mark\Documents\To be copied
2014-09-25 04:27 - 2014-09-25 04:28 - 00690192 _____ () C:\Users\Mark\Downloads\Bagram_Offer_Letter_.zip
2014-09-24 14:16 - 2014-09-24 14:16 - 00000000 ____D () C:\Users\Mark\Documents\Shipping
2014-09-24 14:16 - 2014-09-16 19:04 - 00038027 _____ () C:\Users\Mark\Documents\EHI RW Project Ledger 9.10.14.xlsx
2014-09-24 14:14 - 2014-09-24 14:46 - 00000000 ____D () C:\Users\Mark\Documents\Downloads Ship ake-6
2014-09-23 01:15 - 2014-09-23 01:15 - 00217549 _____ () C:\Users\Mark\Documents\water.xps
2014-09-19 03:22 - 2014-09-19 03:06 - 21043967 _____ () C:\Users\Mark\Desktop\Homemade_fuel_vaporizer_on_my_lawn_mower.mp4
2014-09-18 19:15 - 2014-09-18 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-18 19:07 - 2014-09-18 19:07 - 00003094 _____ () C:\WINDOWS\System32\Tasks\{1DC34C3C-9BFD-4856-9843-F32BC48A8A98}
2014-09-18 19:05 - 2014-09-18 19:05 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 18:32 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 17:30 - 2014-09-18 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-18 14:48 - 2014-07-24 23:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-18 14:48 - 2014-07-24 23:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-18 14:48 - 2014-07-24 23:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-18 14:48 - 2014-07-24 23:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-18 14:48 - 2014-07-24 23:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-18 14:48 - 2014-07-24 23:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 23:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-18 14:48 - 2014-07-24 23:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-18 14:48 - 2014-07-24 23:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-18 14:48 - 2014-07-24 23:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 22:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-18 14:48 - 2014-07-24 22:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-18 14:48 - 2014-07-24 21:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 21:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 21:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-18 14:48 - 2014-07-24 21:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-18 14:48 - 2014-07-24 21:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 19:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 19:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-18 14:48 - 2014-07-24 19:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-18 14:48 - 2014-07-24 19:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-18 14:48 - 2014-07-24 19:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-18 14:48 - 2014-07-24 19:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-18 14:48 - 2014-07-24 19:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-18 14:48 - 2014-07-24 19:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-18 14:48 - 2014-07-24 19:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 18:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-18 14:48 - 2014-07-24 18:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-18 14:48 - 2014-07-24 18:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 18:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-18 14:48 - 2014-07-24 18:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-18 14:48 - 2014-07-24 18:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-18 14:48 - 2014-07-24 18:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-18 14:48 - 2014-07-24 18:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 18:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-18 14:48 - 2014-07-24 18:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-18 14:48 - 2014-07-24 17:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 17:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-18 14:48 - 2014-07-24 17:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-18 14:48 - 2014-07-24 17:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-18 14:48 - 2014-07-24 17:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 17:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-18 14:48 - 2014-07-24 17:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-18 14:48 - 2014-07-24 17:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-18 14:48 - 2014-07-24 17:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-18 14:48 - 2014-07-24 17:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-18 14:48 - 2014-07-24 17:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-18 14:48 - 2014-07-24 17:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-18 14:48 - 2014-07-24 17:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-18 14:48 - 2014-07-24 17:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-18 14:48 - 2014-07-24 17:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-18 14:48 - 2014-07-24 17:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-18 14:48 - 2014-07-24 16:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-18 14:48 - 2014-07-24 16:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-18 14:48 - 2014-07-24 16:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-18 14:48 - 2014-07-24 16:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-18 14:48 - 2014-07-24 16:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-18 14:48 - 2014-07-24 16:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-18 14:48 - 2014-07-24 16:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-18 14:48 - 2014-07-24 16:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-18 14:48 - 2014-07-24 16:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-18 14:48 - 2014-07-24 16:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-18 14:48 - 2014-07-24 15:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 15:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-18 14:48 - 2014-07-24 15:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-18 14:48 - 2014-07-24 15:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-18 14:48 - 2014-07-12 13:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-18 14:48 - 2014-07-12 13:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-18 14:48 - 2014-07-12 12:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-18 14:48 - 2014-07-10 07:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-18 14:48 - 2014-07-04 20:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-18 14:48 - 2014-07-04 18:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 18:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 17:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-18 14:48 - 2014-07-04 17:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-18 14:48 - 2014-06-27 14:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-18 14:48 - 2014-06-26 08:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-18 14:48 - 2014-06-26 08:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-18 14:48 - 2014-06-20 07:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-18 14:48 - 2014-06-19 10:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-18 14:48 - 2014-06-14 14:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-18 14:48 - 2014-06-14 13:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-18 14:48 - 2014-06-07 20:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-18 14:48 - 2014-06-07 18:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-18 14:48 - 2014-06-05 22:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-18 14:48 - 2014-06-05 18:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-18 14:48 - 2014-06-05 17:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-18 14:48 - 2014-05-31 13:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-18 14:48 - 2014-05-31 12:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-18 14:48 - 2014-05-29 14:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-18 14:48 - 2014-05-29 12:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-18 14:48 - 2014-05-26 15:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-18 14:48 - 2014-05-10 18:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-10 16:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-06 12:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-18 14:48 - 2014-05-06 08:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-18 14:42 - 2014-08-23 15:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-18 14:42 - 2014-08-23 15:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-18 14:42 - 2014-08-23 14:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-18 14:42 - 2014-08-23 13:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-18 14:42 - 2014-08-23 12:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-18 14:42 - 2014-08-23 12:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-18 14:42 - 2014-08-23 12:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-18 14:41 - 2014-07-30 09:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-18 14:41 - 2014-07-29 13:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-18 14:36 - 2014-08-15 08:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-17 00:31 - 2014-10-01 22:06 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop ICONS
2014-09-16 19:48 - 2014-09-16 19:04 - 00013201 _____ () C:\Users\Mark\Documents\HD Movies collection.xlsx
2014-09-16 02:35 - 2014-09-16 02:36 - 00000000 ____D () C:\Users\Mark\Desktop\Bourne Series 4 HD
2014-09-11 22:30 - 2014-09-11 22:30 - 00759482 _____ () C:\Users\Mark\Downloads\leannesstudiopics.zip
2014-09-11 17:01 - 2014-08-16 10:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 17:01 - 2014-08-16 09:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 09:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 09:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 09:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 17:01 - 2014-08-16 09:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 09:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 08:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 08:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 08:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 08:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 08:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 08:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 17:01 - 2014-08-16 08:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 17:01 - 2014-05-30 17:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 17:01 - 2014-05-30 16:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 17:01 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 17:01 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 17:01 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-11 17:01 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 17:01 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 14:57 - 2014-09-05 10:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 14:57 - 2014-09-05 10:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 14:57 - 2014-09-05 08:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 14:56 - 2014-08-02 08:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 14:28 - 2014-09-11 14:29 - 00005901 _____ () C:\Users\Mark\Downloads\Fw_ The Star Spangled Banner - as you've never heard it before!
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jawbone
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\JawboneUpdater
2014-09-08 22:25 - 2014-09-08 22:25 - 00000000 ____D () C:\Program Files (x86)\Jawbone
2014-09-08 22:24 - 2014-09-08 22:25 - 04442800 _____ (Jawbone) C:\Users\Mark\Downloads\Jawbone_Updater-2.2.4.exe
2014-09-08 22:08 - 2014-09-08 22:08 - 00000000 ____D () C:\Users\Mark\Downloads\4dd322433e0d918016dd232aa1eda0ce
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\Users\Mark\AppData\Local\DriverToolkit
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2014-09-08 22:06 - 2014-09-08 22:06 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit
2014-09-08 22:05 - 2014-09-08 22:05 - 00064895 _____ () C:\Users\Mark\Downloads\4dd322433e0d918016dd232aa1eda0ce.zip
2014-09-08 22:04 - 2014-09-08 22:04 - 02396224 _____ (Megaify Software ) C:\Users\Mark\Downloads\driver_setup(1).exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-07 12:20 - 2014-01-13 06:34 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 12:12 - 2014-01-05 05:27 - 00004996 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MBASUS31DEC2103-Mark MBAsus31Dec2103
2014-10-07 12:01 - 2014-01-03 14:15 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-07 12:00 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-07 11:13 - 2014-01-03 13:24 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579019205-3585864088-4210726827-1001
2014-10-07 11:09 - 2013-11-14 15:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-07 11:05 - 2014-01-13 06:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-07 11:04 - 2014-08-05 10:57 - 00000000 ___RD () C:\Users\Mark\Google Drive
2014-10-07 11:04 - 2014-01-03 14:36 - 00000000 ___DO () C:\Users\Mark\SkyDrive
2014-10-07 11:04 - 2014-01-03 13:16 - 00000401 _____ () C:\Users\Mark\AppData\Roaming\sp_data.sys
2014-10-07 11:03 - 2014-01-13 06:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-07 11:03 - 2013-11-14 15:20 - 00046490 _____ () C:\WINDOWS\PFRO.log
2014-10-07 11:03 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-07 11:03 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-07 11:02 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\Branding
2014-10-07 10:12 - 2014-01-29 10:56 - 01315797 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-07 10:10 - 2014-01-29 10:52 - 00000000 ____D () C:\Users\Mark
2014-10-07 10:10 - 2014-01-11 14:16 - 00000000 ____D () C:\Program Files (x86)\JustCloud
2014-10-07 10:10 - 2012-07-26 13:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-07 10:06 - 2014-01-04 07:03 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\uTorrent
2014-10-05 09:39 - 2014-02-02 09:35 - 02907136 ___SH () C:\Users\Mark\Desktop\Thumbs.db
2014-10-05 07:24 - 2014-01-03 14:22 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\vlc
2014-10-03 23:08 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-01 16:46 - 2014-01-14 16:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-01 15:22 - 2014-08-27 08:42 - 00018516 _____ () C:\WINDOWS\setupact.log
2014-10-01 12:17 - 2014-01-04 02:52 - 00000000 ____D () C:\Users\Mark\Desktop\Work
2014-10-01 12:10 - 2014-08-08 12:07 - 00007887 _____ () C:\WINDOWS\BRRBCOM.INI
2014-09-30 23:15 - 2014-03-15 18:45 - 00823808 ___SH () C:\Users\Mark\Downloads\Thumbs.db
2014-09-30 18:23 - 2014-07-31 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-30 18:23 - 2014-03-25 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-30 18:23 - 2013-08-22 22:44 - 00371720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-28 19:00 - 2014-01-03 14:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-09-28 08:11 - 2014-01-03 14:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-26 00:33 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-25 17:12 - 2014-05-05 13:59 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Free Download Manager
2014-09-25 14:22 - 2014-01-03 13:15 - 00000000 ____D () C:\Users\Mark\AppData\Local\Packages
2014-09-24 23:10 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-19 23:23 - 2014-01-23 05:58 - 00025594 _____ () C:\Users\Mark\Downloads\EHI Expense Form_ 2014(1).xlsx
2014-09-18 19:16 - 2014-08-16 20:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 19:15 - 2014-01-03 14:44 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 19:15 - 2014-01-03 14:44 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 18:15 - 2014-01-15 14:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:11 - 2014-03-06 01:55 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Apple Computer
2014-09-18 18:07 - 2013-11-14 15:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-18 18:07 - 2013-08-22 21:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-18 15:40 - 2014-01-04 00:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-18 15:38 - 2014-01-04 00:45 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-17 14:34 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop pics
2014-09-17 02:38 - 2014-07-11 03:37 - 00000000 ____D () C:\Users\Mark\Desktop\2014-07-10 Energy
2014-09-17 00:27 - 2014-02-26 18:28 - 00000000 ____D () C:\Users\Mark\Documents\PDF files
2014-09-11 23:02 - 2014-07-11 12:21 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-11 22:56 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-11 17:01 - 2014-01-14 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 15:01 - 2014-01-03 14:15 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\Quarantine.exe
C:\Users\Mark\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mark\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Mark\AppData\Local\Temp\_is5206.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-07 11:32

==================== End Of Log ============================



did a rescan that is why there is 2 of the first .txt


thanks again,


MB
lonchpad
2014-10-07, 08:02
malwarebites keeps popping up with a website blocked,

what should i do with this?


Maliciious website blocked

11817


thanks,

MB
OCD
2014-10-07, 09:21
Hi lonchpad,

I see from you logs you still have uTorrent installed. What are you plans related to the P2P software?

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Uninstall via Programs and Features

In the Control Panel > Programs and Features. Locate and select the following and click the Remove button:

JustCloud

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
2014-10-04 02:35 - 2014-10-07 11:03 - 00000000 ____D () C:\Program Files (x86)\neurowise
cmd:ipconfig /flushdns
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner

*Note:

It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)


Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.

=========================


malwarebites keeps popping up with a website blocked,
It appears that your Pandora TV is tryting to access a website that Malwarebytes' has classified as malicious.
imgcdn.ptvcdn.net with the IP address of 111.111.111.111

http://dawhois.com/?query=imgcdn.ptvcdn.net
http://dawhois.com/?query=111.111.111.111

If you feel the site/IP address is safe you can click the Exclude button in the pop-up.

In your next post please provide the following:

Fixlog.txt
ESET log
How is the computer running, any remaining isues?
lonchpad
2014-10-08, 17:06
Hi OCD,

First, thanks again for your help, you seem to know what you are doing and i really appreciate that..

As far as P2P, I would like to keep it on because it is useful for us. I appreciate the information about it, and have taken all that into consideration. my plan is to use only a known and trusted site. if I have this issue again I will remove it as this takes time that I would rather spend on family and other things.

As far as Pandora TV. I never have subscribed to that or any other online tv thing. How do I get rid of that pandora tv thing and or how did it get there?

I will send the next set of files directly, the Fixlog.txt ESET log

waiting to hear about removing this pandora thing..

thanks you again.

MB
lonchpad
2014-10-08, 17:21
tryng to do what you say with the code but for some reason I cannot save the txt file to anywhere. it just wont save.. so weird.

i can type it in by hand and it still wont save.. amazing..


any thoughts?

MB
lonchpad
2014-10-08, 18:59
The Pandora thing ended up being some service that was installed with my KMplayer,
So I uninstalled the KMplayer Service, and the pandora thing went away..


I was able to save the fixlist.txt. I assume it disappeared when I ran the FRST program. The code was for the FRST program?







Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Mark at 2014-10-08 22:33:52 Run:1
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
2014-10-04 02:35 - 2014-10-07 11:03 - 00000000 ____D () C:\Program Files (x86)\neurowise
cmd:ipconfig /flushdns
End
*****************

C:\Program Files (x86)\neurowise => Moved successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


==== End of Fixlog ====








C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\neurowiseUninstall.exe.vir Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\updateneurowise.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\fe65128652a1461ba17a.dll.vir Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\fe65128652a1461ba17a64.dll.vir Win64/BrowseFox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOAS.exe.vir a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOASHelper.exe.vir a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOASPRT.exe.vir a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter64.exe.vir Win64/BrowseFox.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\tmp946C.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\tmpA17A.tmp.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\utilneurowise.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\{fe651286-52a1-461b-a17a-f258b4b81968}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\{fe651286-52a1-461b-a17a-f258b4b81968}64.dll.vir Win64/BrowseFox.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.BOAS.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.FFUpdate.dll.vir a variant of MSIL/BrowseFox.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.IEUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\neurowise\bin\plugins\neurowise.PurBrowse.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Mark\AppData\Local\genienext\nengine.dll.vir Win32/NextLive.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir Win32/NextLive.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Mark\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\fe65128652a1461ba17a.dll Win32/BrowseFox.N potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\fe65128652a1461ba17a64.dll Win64/BrowseFox.C potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOAS.exe a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOASHelper.exe a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BOASPRT.exe a variant of Win32/BrowseFox.R potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter.exe a variant of Win32/BrowseFox.P potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\neurowise.BrowserAdapter64.exe Win64/BrowseFox.B potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\{fe651286-52a1-461b-a17a-f258b4b81968}.dll a variant of Win32/BrowseFox.M potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\neurowise\bin\{fe651286-52a1-461b-a17a-f258b4b81968}64.dll Win64/BrowseFox.D potentially unwanted application deleted - quarantined
C:\Users\Mark\Downloads\cbsidlm-cbsi213-AVI_Codec_Pack_Pro-SEO-10509745.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Mark\Downloads\ChromeSetup.exe a variant of Win32/InstallCore.BY potentially unwanted application deleted - quarantined
C:\Users\Mark\Downloads\freepdftoworddocconverter-setup.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\Users\Mark\Downloads\TorchSetupk-r107-n-bf.exe a variant of Win32/TorchMedia potentially unwanted application deleted - quarantined
D:\E-Book 3000 Downloads\iLividSetup-r287-n-bi.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined





Here you go,,

Anything else?

I'll restart and use the computer some and tell you in another reply how it seems to be runnning.

Thanks a Million!!

MB
OCD
2014-10-09, 04:26
Hi lonchpad,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

FRST.txt
lonchpad
2014-10-09, 05:51
Here you go,

Again, Thank you for all your help.

MB



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Mark (administrator) on MBASUS31DEC2103 on 09-10-2014 10:47:41
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Jawbone\JawboneUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213328 2012-10-18] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-26] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-15] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [SkyDrive] => C:\Users\Mark\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251040 2014-08-08] (Microsoft Corporation)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [uTorrent] => C:\Users\Mark\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-25] (BitTorrent Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-03] (Samsung)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {01114c1d-0764-11e4-bea6-582c80139263} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {055c0a3a-d0fe-11e3-be96-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {140c7816-36ad-11e4-beb2-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800a7f-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800f34-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {25fe3a0a-bcbd-11e3-be92-582c80139263} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4768c9-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c477ef7-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4780a4-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {fd22fcb2-a2dd-11e3-be87-84a6c8e4c414} - "G:\AutoRun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default
FF Homepage: https://www.facebook.com/mark.burke.77|https://mail.google.com/mail/u/0/?pli=1#inbox|https://www.siriusxm.com/player/#view=login
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\WINDOWS\system32\C2MP\npdivx32.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iCloud Bookmarks - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\firefoxdav@icloud.com [2014-06-17]
FF Extension: Garmin Communicator - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-04-21]
FF Extension: DownloadHelper - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Route Rat - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\188zl65w.default\Extensions\jid1-gj6Yirk3s75wkA@jetpack.xpi [2014-05-05]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default ->
CHR DefaultSearchKeyword: Default -> 38D0AAB7A5CCD641CDDF5C784C33DF3535117274E8E7A0E9E6816BFE9B621399
CHR DefaultSearchURL: Default -> A9F2CB76508DBA89C7A2EA9D2A6B9B09A88EC6CD07448E80B1CF064D9D3C6E62
CHR Profile: C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13]
CHR Extension: (Google Drive) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-31]
CHR Extension: (YouTube) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-13]
CHR Extension: (Google Search) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-13]
CHR Extension: (Skype Click to Call) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-10-09]
CHR Extension: (Google Wallet) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Extension: (Gmail) - C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-14] (ASUS)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-04-10] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239696 2013-07-23] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-29] ()
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-14] (Safer-Networking Ltd.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-11-01] (ASUS Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [52320 2014-08-15] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 23:57 - 2014-10-08 23:57 - 00007178 _____ () C:\Users\Mark\Desktop\ESETScan.txt
2014-10-08 23:15 - 2014-10-08 23:15 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-08 23:14 - 2014-10-08 23:14 - 02347384 _____ (ESET) C:\Users\Mark\Downloads\esetsmartinstaller_enu.exe
2014-10-08 23:02 - 2014-10-08 23:02 - 00000000 ____D () C:\Users\Mark\Documents\ProcAlyzer Dumps
2014-10-07 12:16 - 2014-10-07 12:16 - 00000000 ____D () C:\Users\Mark\Desktop\FRST-OlderVersion
2014-10-07 12:15 - 2014-10-07 12:15 - 00024549 _____ () C:\Users\Mark\Desktop\11.txt
2014-10-07 12:15 - 2014-10-07 12:15 - 00001966 _____ () C:\Users\Mark\Desktop\111.txt
2014-10-07 10:46 - 2014-10-09 08:35 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-07 10:45 - 2014-10-07 10:45 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-07 10:45 - 2014-10-07 10:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-07 10:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-07 10:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-07 10:45 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-07 10:41 - 2014-10-07 10:41 - 00001571 _____ () C:\Users\Mark\Desktop\JRT2.txt
2014-10-07 10:40 - 2014-10-07 10:40 - 00001571 _____ () C:\Users\Mark\Desktop\JRT.txt
2014-10-07 10:36 - 2014-10-07 10:36 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-07 10:33 - 2014-10-07 10:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-07 10:27 - 2014-10-07 10:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Mark\Desktop\mbam-setup-2.0.2.1012.exe
2014-10-07 10:26 - 2014-10-07 10:26 - 01705141 _____ (Thisisu) C:\Users\Mark\Desktop\JRT.exe
2014-10-07 10:18 - 2014-10-07 10:18 - 00006410 _____ () C:\Users\Mark\Desktop\AdwCleaner[S0].txt
2014-10-07 10:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-10-07 10:07 - 2014-10-07 10:10 - 00000000 ____D () C:\AdwCleaner
2014-10-07 10:05 - 2014-10-07 10:05 - 01375089 _____ () C:\Users\Mark\Desktop\AdwCleaner.exe
2014-10-05 22:53 - 2014-10-09 10:47 - 00025617 _____ () C:\Users\Mark\Desktop\FRST.txt
2014-10-05 22:53 - 2014-10-09 10:47 - 00000000 ____D () C:\FRST
2014-10-05 22:53 - 2014-10-07 12:41 - 00038555 _____ () C:\Users\Mark\Desktop\Addition.txt
2014-10-05 22:50 - 2014-10-05 22:50 - 00000598 _____ () C:\Users\Mark\Desktop\aswMBR.txt
2014-10-05 21:09 - 2014-10-05 21:09 - 00000924 _____ () C:\Users\Mark\Desktop\1 checkup.txt
2014-10-05 21:03 - 2014-10-07 12:16 - 02109952 _____ (Farbar) C:\Users\Mark\Desktop\FRST64.exe
2014-10-05 20:56 - 2014-10-05 21:00 - 05185536 _____ (AVAST Software) C:\Users\Mark\Desktop\aswMBR.exe
2014-10-05 20:55 - 2014-10-05 20:55 - 00854436 _____ () C:\Users\Mark\Desktop\SecurityCheck.exe
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\QuickTime
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\custom matrices
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\C2MP
2014-10-04 02:36 - 2014-10-04 02:36 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-i-v-X - AVI Codec Pack Pro
2014-09-30 23:14 - 2014-09-30 23:16 - 00000000 ____D () C:\Users\Mark\Desktop\computer uses
2014-09-28 16:56 - 2014-09-28 17:00 - 00000000 ____D () C:\Users\Mark\Documents\To be copied
2014-09-25 04:27 - 2014-09-25 04:28 - 00690192 _____ () C:\Users\Mark\Downloads\Bagram_Offer_Letter_.zip
2014-09-24 14:16 - 2014-09-24 14:16 - 00000000 ____D () C:\Users\Mark\Documents\Shipping
2014-09-24 14:16 - 2014-09-16 19:04 - 00038027 _____ () C:\Users\Mark\Documents\EHI RW Project Ledger 9.10.14.xlsx
2014-09-24 14:14 - 2014-09-24 14:46 - 00000000 ____D () C:\Users\Mark\Documents\Downloads Ship ake-6
2014-09-23 01:15 - 2014-09-23 01:15 - 00217549 _____ () C:\Users\Mark\Documents\water.xps
2014-09-19 03:22 - 2014-09-19 03:06 - 21043967 _____ () C:\Users\Mark\Desktop\Homemade_fuel_vaporizer_on_my_lawn_mower.mp4
2014-09-18 19:15 - 2014-09-18 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-18 19:07 - 2014-09-18 19:07 - 00003094 _____ () C:\WINDOWS\System32\Tasks\{1DC34C3C-9BFD-4856-9843-F32BC48A8A98}
2014-09-18 19:05 - 2014-09-18 19:05 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 19:05 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 18:32 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 17:30 - 2014-09-18 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-09-18 14:48 - 2014-07-24 23:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-18 14:48 - 2014-07-24 23:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-18 14:48 - 2014-07-24 23:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-18 14:48 - 2014-07-24 23:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-18 14:48 - 2014-07-24 23:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-18 14:48 - 2014-07-24 23:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-18 14:48 - 2014-07-24 23:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-18 14:48 - 2014-07-24 23:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 23:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-18 14:48 - 2014-07-24 23:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-18 14:48 - 2014-07-24 23:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-18 14:48 - 2014-07-24 23:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-18 14:48 - 2014-07-24 23:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-18 14:48 - 2014-07-24 23:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-18 14:48 - 2014-07-24 23:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 22:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-18 14:48 - 2014-07-24 22:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-18 14:48 - 2014-07-24 21:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-18 14:48 - 2014-07-24 21:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-18 14:48 - 2014-07-24 21:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-18 14:48 - 2014-07-24 21:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-18 14:48 - 2014-07-24 21:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-18 14:48 - 2014-07-24 21:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-18 14:48 - 2014-07-24 19:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 19:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 19:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-18 14:48 - 2014-07-24 19:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-18 14:48 - 2014-07-24 19:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-18 14:48 - 2014-07-24 19:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-18 14:48 - 2014-07-24 19:43 - 00064000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 01200640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-18 14:48 - 2014-07-24 19:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-09-18 14:48 - 2014-07-24 19:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-18 14:48 - 2014-07-24 19:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-18 14:48 - 2014-07-24 19:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-18 14:48 - 2014-07-24 19:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-18 14:48 - 2014-07-24 19:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-18 14:48 - 2014-07-24 19:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-18 14:48 - 2014-07-24 18:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-18 14:48 - 2014-07-24 18:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-18 14:48 - 2014-07-24 18:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-18 14:48 - 2014-07-24 18:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-18 14:48 - 2014-07-24 18:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 18:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-18 14:48 - 2014-07-24 18:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-18 14:48 - 2014-07-24 18:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-18 14:48 - 2014-07-24 18:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-18 14:48 - 2014-07-24 18:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-18 14:48 - 2014-07-24 18:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 18:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-18 14:48 - 2014-07-24 18:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-18 14:48 - 2014-07-24 17:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-18 14:48 - 2014-07-24 17:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-18 14:48 - 2014-07-24 17:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-18 14:48 - 2014-07-24 17:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-18 14:48 - 2014-07-24 17:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-18 14:48 - 2014-07-24 17:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-18 14:48 - 2014-07-24 17:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-18 14:48 - 2014-07-24 17:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-18 14:48 - 2014-07-24 17:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-18 14:48 - 2014-07-24 17:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-18 14:48 - 2014-07-24 17:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-18 14:48 - 2014-07-24 17:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-18 14:48 - 2014-07-24 17:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-18 14:48 - 2014-07-24 17:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-18 14:48 - 2014-07-24 17:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-18 14:48 - 2014-07-24 17:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-18 14:48 - 2014-07-24 17:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-18 14:48 - 2014-07-24 17:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-18 14:48 - 2014-07-24 17:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-18 14:48 - 2014-07-24 17:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-18 14:48 - 2014-07-24 17:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-18 14:48 - 2014-07-24 16:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-18 14:48 - 2014-07-24 16:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-18 14:48 - 2014-07-24 16:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-18 14:48 - 2014-07-24 16:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-18 14:48 - 2014-07-24 16:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-18 14:48 - 2014-07-24 16:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-18 14:48 - 2014-07-24 16:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-18 14:48 - 2014-07-24 16:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-18 14:48 - 2014-07-24 16:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-18 14:48 - 2014-07-24 16:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-18 14:48 - 2014-07-24 16:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-18 14:48 - 2014-07-24 16:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-18 14:48 - 2014-07-24 16:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-18 14:48 - 2014-07-24 16:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-18 14:48 - 2014-07-24 16:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-18 14:48 - 2014-07-24 16:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-18 14:48 - 2014-07-24 16:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-18 14:48 - 2014-07-24 16:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-18 14:48 - 2014-07-24 16:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-18 14:48 - 2014-07-24 16:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-18 14:48 - 2014-07-24 16:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-18 14:48 - 2014-07-24 16:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-18 14:48 - 2014-07-24 16:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-18 14:48 - 2014-07-24 16:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 16:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-18 14:48 - 2014-07-24 16:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-18 14:48 - 2014-07-24 15:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-18 14:48 - 2014-07-24 15:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-18 14:48 - 2014-07-24 15:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-18 14:48 - 2014-07-24 15:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-18 14:48 - 2014-07-24 15:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-18 14:48 - 2014-07-24 15:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-18 14:48 - 2014-07-24 15:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-18 14:48 - 2014-07-24 15:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-18 14:48 - 2014-07-24 15:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-18 14:48 - 2014-07-24 15:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-18 14:48 - 2014-07-24 12:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-18 14:48 - 2014-07-12 13:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-18 14:48 - 2014-07-12 13:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-18 14:48 - 2014-07-12 12:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-18 14:48 - 2014-07-12 12:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-18 14:48 - 2014-07-10 07:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-18 14:48 - 2014-07-04 20:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-18 14:48 - 2014-07-04 18:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 18:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-18 14:48 - 2014-07-04 18:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-18 14:48 - 2014-07-04 17:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-18 14:48 - 2014-07-04 17:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-18 14:48 - 2014-06-27 14:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-18 14:48 - 2014-06-26 08:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-18 14:48 - 2014-06-26 08:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-18 14:48 - 2014-06-20 07:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-18 14:48 - 2014-06-19 10:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-18 14:48 - 2014-06-14 14:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-18 14:48 - 2014-06-14 13:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-18 14:48 - 2014-06-07 20:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-18 14:48 - 2014-06-07 18:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-18 14:48 - 2014-06-05 22:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-18 14:48 - 2014-06-05 18:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-18 14:48 - 2014-06-05 17:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-18 14:48 - 2014-05-31 13:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-18 14:48 - 2014-05-31 12:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-18 14:48 - 2014-05-29 14:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-18 14:48 - 2014-05-29 13:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-18 14:48 - 2014-05-29 12:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-18 14:48 - 2014-05-26 15:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-18 14:48 - 2014-05-10 18:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-10 16:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-18 14:48 - 2014-05-06 12:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-18 14:48 - 2014-05-06 08:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-18 14:48 - 2014-03-25 10:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-18 14:48 - 2014-03-25 09:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-18 14:42 - 2014-08-23 15:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-18 14:42 - 2014-08-23 15:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-18 14:42 - 2014-08-23 14:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-18 14:42 - 2014-08-23 13:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-18 14:42 - 2014-08-23 12:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-18 14:42 - 2014-08-23 12:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-18 14:42 - 2014-08-23 12:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-18 14:42 - 2014-08-23 12:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-18 14:41 - 2014-07-30 09:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-18 14:41 - 2014-07-29 13:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-18 14:36 - 2014-08-15 08:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-17 00:31 - 2014-10-01 22:06 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop ICONS
2014-09-16 19:48 - 2014-09-16 19:04 - 00013201 _____ () C:\Users\Mark\Documents\HD Movies collection.xlsx
2014-09-16 02:35 - 2014-09-16 02:36 - 00000000 ____D () C:\Users\Mark\Desktop\Bourne Series 4 HD
2014-09-11 22:30 - 2014-09-11 22:30 - 00759482 _____ () C:\Users\Mark\Downloads\leannesstudiopics.zip
2014-09-11 17:01 - 2014-08-16 10:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-11 17:01 - 2014-08-16 10:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-11 17:01 - 2014-08-16 09:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 09:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 09:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-11 17:01 - 2014-08-16 09:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-11 17:01 - 2014-08-16 09:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-11 17:01 - 2014-08-16 09:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 09:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-11 17:01 - 2014-08-16 09:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 09:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-11 17:01 - 2014-08-16 09:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 09:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-11 17:01 - 2014-08-16 08:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 17:01 - 2014-08-16 08:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-11 17:01 - 2014-08-16 08:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-11 17:01 - 2014-08-16 08:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-11 17:01 - 2014-08-16 08:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-11 17:01 - 2014-08-16 08:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-11 17:01 - 2014-08-16 08:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-11 17:01 - 2014-08-16 08:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-11 17:01 - 2014-08-16 08:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-11 17:01 - 2014-08-16 08:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-11 17:01 - 2014-08-16 08:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-11 17:01 - 2014-05-30 17:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-11 17:01 - 2014-05-30 16:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 19:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-11 17:01 - 2014-02-06 19:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-11 17:01 - 2014-02-06 19:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 18:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-11 17:01 - 2014-02-06 18:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 18:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-11 17:01 - 2014-02-06 18:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-11 17:01 - 2014-02-06 18:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-11 17:01 - 2014-02-06 18:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-11 17:01 - 2014-02-06 17:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-11 17:01 - 2014-02-06 17:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-11 17:01 - 2014-02-06 17:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-11 14:57 - 2014-09-05 10:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-11 14:57 - 2014-09-05 10:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-11 14:57 - 2014-09-05 08:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-11 14:56 - 2014-08-02 08:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-11 14:56 - 2014-07-24 11:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-11 14:28 - 2014-09-11 14:29 - 00005901 _____ () C:\Users\Mark\Downloads\Fw_ The Star Spangled Banner - as you've never heard it before!

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-09 10:33 - 2014-01-03 14:44 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Skype
2014-10-09 10:20 - 2014-01-13 06:34 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-09 10:01 - 2014-01-03 14:15 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-09 10:00 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-09 08:17 - 2014-01-29 10:56 - 01426331 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-09 08:17 - 2014-01-05 05:27 - 00004996 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MBASUS31DEC2103-Mark MBAsus31Dec2103
2014-10-09 08:06 - 2014-01-03 13:24 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579019205-3585864088-4210726827-1001
2014-10-09 08:01 - 2014-01-03 14:36 - 00000000 ___DO () C:\Users\Mark\SkyDrive
2014-10-09 08:00 - 2013-11-14 15:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-09 07:57 - 2014-08-05 10:57 - 00000000 ___RD () C:\Users\Mark\Google Drive
2014-10-09 07:57 - 2014-01-03 13:16 - 00000422 _____ () C:\Users\Mark\AppData\Roaming\sp_data.sys
2014-10-09 07:56 - 2014-01-13 06:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-09 07:56 - 2014-01-13 06:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-09 01:03 - 2014-05-05 13:57 - 00000000 ____D () C:\Program Files (x86)\Free Download Manager
2014-10-09 00:07 - 2013-08-22 22:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-09 00:07 - 2013-08-22 21:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-08 23:01 - 2014-01-14 16:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-08 22:22 - 2013-11-14 15:20 - 00046844 _____ () C:\WINDOWS\PFRO.log
2014-10-07 13:01 - 2014-02-02 09:35 - 02909184 ___SH () C:\Users\Mark\Desktop\Thumbs.db
2014-10-07 11:02 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\Branding
2014-10-07 10:10 - 2014-01-29 10:52 - 00000000 ____D () C:\Users\Mark
2014-10-07 10:10 - 2014-01-11 14:16 - 00000000 ____D () C:\Program Files (x86)\JustCloud
2014-10-07 10:10 - 2012-07-26 13:26 - 00000226 _____ () C:\WINDOWS\win.ini
2014-10-07 10:06 - 2014-01-04 07:03 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\uTorrent
2014-10-05 07:24 - 2014-01-03 14:22 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\vlc
2014-10-03 23:08 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-01 16:46 - 2014-01-14 16:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-01 15:22 - 2014-08-27 08:42 - 00018516 _____ () C:\WINDOWS\setupact.log
2014-10-01 12:17 - 2014-01-04 02:52 - 00000000 ____D () C:\Users\Mark\Desktop\Work
2014-10-01 12:10 - 2014-08-08 12:07 - 00007887 _____ () C:\WINDOWS\BRRBCOM.INI
2014-09-30 23:15 - 2014-03-15 18:45 - 00823808 ___SH () C:\Users\Mark\Downloads\Thumbs.db
2014-09-30 18:23 - 2014-07-31 10:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-30 18:23 - 2014-03-25 19:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-30 18:23 - 2013-08-22 22:44 - 00371720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-28 08:11 - 2014-01-03 14:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-26 00:33 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-25 14:22 - 2014-01-03 13:15 - 00000000 ____D () C:\Users\Mark\AppData\Local\Packages
2014-09-24 23:10 - 2012-07-26 15:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-19 23:23 - 2014-01-23 05:58 - 00025594 _____ () C:\Users\Mark\Downloads\EHI Expense Form_ 2014(1).xlsx
2014-09-18 19:16 - 2014-08-16 20:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-18 19:15 - 2014-01-03 14:44 - 00002531 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-18 19:15 - 2014-01-03 14:44 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 18:15 - 2014-01-15 14:42 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 18:11 - 2014-03-06 01:55 - 00000000 ____D () C:\Users\Mark\AppData\Roaming\Apple Computer
2014-09-18 18:07 - 2013-11-14 15:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-18 18:07 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-18 18:07 - 2013-08-22 21:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-18 15:40 - 2014-01-04 00:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-18 15:38 - 2014-01-04 00:45 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-17 14:34 - 2014-02-18 18:18 - 00000000 ____D () C:\Users\Mark\Desktop\Desktop pics
2014-09-17 02:38 - 2014-07-11 03:37 - 00000000 ____D () C:\Users\Mark\Desktop\2014-07-10 Energy
2014-09-17 00:27 - 2014-02-26 18:28 - 00000000 ____D () C:\Users\Mark\Documents\PDF files
2014-09-11 23:02 - 2014-07-11 12:21 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-11 22:56 - 2013-08-22 23:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-11 17:01 - 2014-01-14 23:32 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 15:01 - 2014-01-03 14:15 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Mark\AppData\Local\Temp\Quarantine.exe
C:\Users\Mark\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Mark\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Mark\AppData\Local\Temp\_is5206.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-09 00:49

==================== End Of Log ============================
OCD
2014-10-09, 07:35
Hi lonchpad,

Just a few items I overlooked.

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {01114c1d-0764-11e4-bea6-582c80139263} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {055c0a3a-d0fe-11e3-be96-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {140c7816-36ad-11e4-beb2-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800a7f-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800f34-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {25fe3a0a-bcbd-11e3-be92-582c80139263} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4768c9-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c477ef7-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4780a4-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {fd22fcb2-a2dd-11e3-be87-84a6c8e4c414} - "G:\AutoRun.exe"
EmptyTemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
How is the computer running, any remaining issues?
lonchpad
2014-10-09, 08:25
Hello OCD

here is your requested,

Everything seems to be running ok at this point.

the only annoying thing i have is when i use Gmail in the Non basic HTML format, the cursor disappears every few seconds and reappears in regular interval. while it appears you are not typing your email you actually are, you just cant see it, heck its doing that same thing here?,... interesting.

anyway, probably a gmail thing..


once again thank you very much..




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014 01
Ran by Mark at 2014-10-09 13:05:00 Run:2
Running from C:\Users\Mark\Desktop
Loaded Profile: Mark (Available profiles: Mark)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

Start
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {01114c1d-0764-11e4-bea6-582c80139263} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {055c0a3a-d0fe-11e3-be96-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {140c7816-36ad-11e4-beb2-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800a7f-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {17800f34-34c5-11e4-beb0-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {25fe3a0a-bcbd-11e3-be92-582c80139263} - "H:\LaunchU3.exe" -a
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4768c9-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c477ef7-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {6c4780a4-078b-11e4-bea7-84a6c8e4c414} - "G:\AutoRun.exe"
HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\...\MountPoints2: {fd22fcb2-a2dd-11e3-be87-84a6c8e4c414} - "G:\AutoRun.exe"
EmptyTemp:
End
*****************

"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01114c1d-0764-11e4-bea6-582c80139263}" => Key deleted successfully.
"HKCR\CLSID\{01114c1d-0764-11e4-bea6-582c80139263}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{055c0a3a-d0fe-11e3-be96-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{055c0a3a-d0fe-11e3-be96-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{140c7816-36ad-11e4-beb2-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{140c7816-36ad-11e4-beb2-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17800a7f-34c5-11e4-beb0-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{17800a7f-34c5-11e4-beb0-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17800f34-34c5-11e4-beb0-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{17800f34-34c5-11e4-beb0-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25fe3a0a-bcbd-11e3-be92-582c80139263}" => Key deleted successfully.
"HKCR\CLSID\{25fe3a0a-bcbd-11e3-be92-582c80139263}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c4768c9-078b-11e4-bea7-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{6c4768c9-078b-11e4-bea7-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c477ef7-078b-11e4-bea7-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{6c477ef7-078b-11e4-bea7-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c4780a4-078b-11e4-bea7-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{6c4780a4-078b-11e4-bea7-84a6c8e4c414}" => Key not found.
"HKU\S-1-5-21-1579019205-3585864088-4210726827-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd22fcb2-a2dd-11e3-be87-84a6c8e4c414}" => Key deleted successfully.
"HKCR\CLSID\{fd22fcb2-a2dd-11e3-be87-84a6c8e4c414}" => Key not found.
EmptyTemp: => Removed 931.9 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
lonchpad
2014-10-09, 08:56
Hi OCD,

BTW wanted to share this with you.

I'm a US citizen living in the Philippines, survived that super typhoon Yolanda/Hyan @ ground "0"

I am 12 hrs ahead of you,

Please pay attention to this Ebola epidemic.

It can be transmitted through "air" as super small water droplets from the affected person can float in air for a short time.

hxxp/www.naturalcuresnotmedicine.com/ebola-youre-told/

Many might think they are immune because they are in the US but I wouldn't take this one for granted.


Again thanks for all your help.

MB:thanks:
OCD
2014-10-09, 17:42
Hi lonchpad,

Since you say the cursor issue happens while typing on this forum I would conclude that it is not a Gmail issue, but may be a browser issue. Which browser/s does it occur while using? It also could be a setting for the keyboard in the control panel. You could try adjusting the settings via the control panel to see if that has any effect.

Your log appears to be clean.
We have a few items to take care of before we get to the All Clean Speech.

= = = = = = = = = = = = = = = = = = = =

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Remove Disinfection Tools


Download Delfix (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/9-delfix)
Tick the following boxes:

Remove disinfection tools
Create registry backup
Purge system restore


http://i1269.photobucket.com/albums/jj590/OCD-WTT/Delfix_zpsbce6c60b.gif (http://s1269.photobucket.com/user/OCD-WTT/media/Delfix_zpsbce6c60b.gif.html)


Click Run
Any other tools and files found can simply be deleted or uninstall via the Control Panel.

= = = = = = = = = = = = = = = = = = = =


With the above items taken care of let's move on to the All Clean part of the process.

The following procedures are recommendations for helping to keep your system running smoothly. If you are currently satisfied with how your system is running some or all of these may not pertain to you. Implement what you need.

This infection appears to have been cleaned, but I can not give you any absolute guarantees. As a precaution, I would go ahead and change all of your passwords as this is especially important after an infection.

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

Here are some tips to reduce the potential for spyware infection in the future:

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate windows and frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Make your Mozilla Firefox more secure - This can be done by adding these add-ons:


NoScript (https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=ss)
AdBlockPlus (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/)

Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis. With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.

Free Anti-Virus

Avast Free Antivirus (http://download.cnet.com/Avast-Free-Antivirus/3000-2239_4-10019223.html)
Avira Free Antivirus 2013 (http://download.cnet.com/Avira-Free-Antivirus-2013/3000-2239_4-10322935.html)
PC Tools AntiVirus Free (http://download.cnet.com/PC-Tools-AntiVirus-Free/3000-2239_4-10625067.html)
Ad-Aware Free Antivirus + (http://download.cnet.com/Ad-Aware-Free-Antivirus/3000-8022_4-10045910.html)

Free Firewall
Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly. A tutorial on firewalls can be found here (http://www.bleepingcomputer.com/tutorials/understanding-and-using-firewalls/).

Online Armor Free (http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html)
Agnitum Outpost Firewall Free (http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html)
Comodo Firewall (http://download.cnet.com/Comodo-Firewall/3000-10435_4-75181464.html)

= = = = = = = = = = = = = = = = = = = =

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know (http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/#)
CryptoLocker Ransomware Information Guide and FAQ (http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information)

to help protect your computer in the future I recommend that you get the following free program:

CryptoPrevent (http://www.foolishit.com/vb6-projects/cryptoprevent/) install this program to lock down and prevent crypto-ransomeware

http://i1269.photobucket.com/albums/jj590/OCD-WTT/CryptoPrevent_zps7ddc3ebd.jpg (http://s1269.photobucket.com/user/OCD-WTT/media/CryptoPrevent_zps7ddc3ebd.jpg.html)

= = = = = = = = = = = = = = = = = = = =

COMPUTER SECURITY (http://www.malwareremoval.com/forum/viewtopic.php?p=557960#p557960) - a short guide to staying safer online

= = = = = = = = = = = = = = = = = = = =

WOT (http://www.mywot.com/) Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.

Green should be good to go
Yellow for caution
Red to stop

= = = = = = = = = = = = = = = = = = = =

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter (http://www.fbi.gov/cyberinvest/cyberedletter.htm)
USAToday (http://www.usatoday.com/tech/columnist/kimkomando/2006-04-13-file-sharing-woes_x.htm)
infoworld (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)


= = = = = = = = = = = = = = = = = = = =

Make sure you keep your Windows OS current.

Windows XP:
Microsoft will no longer offer support for Windows XP beginning on April 8, 2014
If you are running Windows XP, please take the time to read the information provided at these links.

Windows XP - The Elephant In The Room (http://www.malwareremoval.com/forum/viewtopic.php?p=630064#p630064)
Windows XP - The end of the road (http://techpageone.dell.com/technology/windows-xp-end-road/?dgc=BA&cid=272099&lid=5049884&acd=12309189674467600#.UxUoP4W9Is3)

Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.
Window 8 Open Windows Update by swiping in from the right edge of the screen (or, if you're using a mouse, pointing to the lower-right corner of the screen and moving the mouse pointer up), tapping or clicking Settings, tapping or clicking Change PC settings, and then tapping or clicking Update and recovery.

Without these you are leaving the back door open.

= = = = = = = = = = = = = = = = = = = =

Consider a custom hosts file such as MVPS HOSTS (http://www.mvps.org/winhelp2002/hosts.htm). This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers. For information on how to download and install, please read this tutorial by WinHelp2002 (http://www.mvps.org/winhelp2002/hosts.htm)
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

= = = = = = = = = = = = = = = = = = = =

Finally, I strongly recommend that you read TonyKlein's good advice So how did I get infected in the first place? (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)

Please reply to this thread once more if you are satisfied so that we can mark the problem as resolved.
lonchpad
2014-10-10, 04:13
Thank you again,

The malwarebites, does it do antivirus as well?
also, should i uninstall malwarebites if i choose to install a different antivirus like the ones you recommended?

Thanks,

MB
OCD
2014-10-10, 05:11
Hi lonchpad,

Malwarebytes' is a stand alone scanner. It is not an anti-virus program. It is good to keep on hand, so it is not necessary to remove it.

The AV programs I listed are just for reference should you decide to change. If you are currently satisfied with your AV there is no need to change.
OCD
2014-10-12, 07:23
Since this issue appears to be resolved ... this Topic has been closed.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.